Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/192708?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "type": "ebuild", "namespace": "mail-client", "name": "thunderbird", "version": "115.10.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "115.11.0", "latest_non_vulnerable_version": "128.9.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92?format=api", "vulnerability_id": "VCID-2a4c-pjqa-63bv", "summary": "A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42235", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265353", "reference_id": "2265353", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265353" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860065", "reference_id": "show_bug.cgi?id=1860065", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860065" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1550" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2a4c-pjqa-63bv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/139?format=api", "vulnerability_id": "VCID-2n6g-4hcr-r7ak", "summary": "Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.77184", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275555", "reference_id": "2275555", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275555" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888333", "reference_id": "show_bug.cgi?id=1888333", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888333" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192983?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3864" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2n6g-4hcr-r7ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124?format=api", "vulnerability_id": "VCID-2zr5-zz2g-r7fj", "summary": "The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1936.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1936.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58255", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268171", "reference_id": "2268171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268171" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-11", "reference_id": "mfsa2024-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-11/", "reference_id": "mfsa2024-11", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-11/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1492", "reference_id": "RHSA-2024:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1493", "reference_id": "RHSA-2024:1493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1494", "reference_id": "RHSA-2024:1494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1495", "reference_id": "RHSA-2024:1495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1496", "reference_id": "RHSA-2024:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1497", "reference_id": "RHSA-2024:1497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1498", "reference_id": "RHSA-2024:1498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1498" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1499", "reference_id": "RHSA-2024:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1500", "reference_id": "RHSA-2024:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1500" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860977", "reference_id": "show_bug.cgi?id=1860977", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860977" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1936" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zr5-zz2g-r7fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90?format=api", "vulnerability_id": "VCID-3hnn-u3at-bqb8", "summary": "A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59745", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265351", "reference_id": "2265351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265351" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1832627", "reference_id": "show_bug.cgi?id=1832627", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1832627" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1548" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hnn-u3at-bqb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/138?format=api", "vulnerability_id": "VCID-4c7a-zcr6-1yfr", "summary": "There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26701", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273383", "reference_id": "2273383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273383" }, { "reference_url": "https://kb.cert.org/vuls/id/421644", "reference_id": "421644", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://kb.cert.org/vuls/id/421644" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881183", "reference_id": "show_bug.cgi?id=1881183", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881183" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192983?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3302" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4c7a-zcr6-1yfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93?format=api", "vulnerability_id": "VCID-4qhn-ntkb-8bh5", "summary": "Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52784", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265354", "reference_id": "2265354", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265354" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864385", "reference_id": "show_bug.cgi?id=1864385", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864385" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1551" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4qhn-ntkb-8bh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133?format=api", "vulnerability_id": "VCID-agth-xz5k-duek", "summary": "On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84534", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275552", "reference_id": "2275552", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275552" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874489", "reference_id": "show_bug.cgi?id=1874489", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874489" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192983?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3859" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agth-xz5k-duek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91?format=api", "vulnerability_id": "VCID-bbr4-fhcs-63gz", "summary": "If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5694", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265352", "reference_id": "2265352", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265352" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1833814", "reference_id": "show_bug.cgi?id=1833814", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1833814" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1549" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bbr4-fhcs-63gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/131?format=api", "vulnerability_id": "VCID-gjmt-u518-ukd9", "summary": "The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35187", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275550", "reference_id": "2275550", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275550" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1886683", "reference_id": "show_bug.cgi?id=1886683", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1886683" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192983?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3857" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gjmt-u518-ukd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95?format=api", "vulnerability_id": "VCID-r461-99bu-nuet", "summary": "Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.63296", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1553" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265356", "reference_id": "2265356", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265356" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286", "reference_id": "buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1553" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r461-99bu-nuet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/128?format=api", "vulnerability_id": "VCID-rzk7-8m93-9bej", "summary": "In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.7649", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275549", "reference_id": "2275549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275549" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884552", "reference_id": "show_bug.cgi?id=1884552", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884552" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192983?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3854" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzk7-8m93-9bej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88?format=api", "vulnerability_id": "VCID-s7f5-djtj-yub2", "summary": "When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.66313", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265349", "reference_id": "2265349", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265349" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843752", "reference_id": "show_bug.cgi?id=1843752", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843752" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1546" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7f5-djtj-yub2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/135?format=api", "vulnerability_id": "VCID-snpf-u5z1-nkdy", "summary": "If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3046", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275553", "reference_id": "2275553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275553" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883158", "reference_id": "show_bug.cgi?id=1883158", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883158" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192983?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3861" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snpf-u5z1-nkdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/150?format=api", "vulnerability_id": "VCID-uudn-1wbp-27h5", "summary": "The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2609.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2609.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77653", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275551", "reference_id": "2275551", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275551" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-12", "reference_id": "mfsa2024-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-12/", "reference_id": "mfsa2024-12", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-12/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1866100", "reference_id": "show_bug.cgi?id=1866100", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1866100" }, { "reference_url": "https://usn.ubuntu.com/6703-1/", "reference_id": "USN-6703-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6703-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192983?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-2609" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uudn-1wbp-27h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89?format=api", "vulnerability_id": "VCID-vkdm-dx92-zbbx", "summary": "Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0073", "scoring_system": "epss", "scoring_elements": "0.73085", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265350", "reference_id": "2265350", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265350" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1877879", "reference_id": "show_bug.cgi?id=1877879", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1877879" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1547" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vkdm-dx92-zbbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94?format=api", "vulnerability_id": "VCID-y94b-bdrg-fbh2", "summary": "Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51984", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265355", "reference_id": "2265355", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265355" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874502", "reference_id": "show_bug.cgi?id=1874502", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874502" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192708?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1552" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y94b-bdrg-fbh2" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }