Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community

Type apk

Namespace alpine

Name firefox-esr

Version 115.8.0-r0

Qualifiers

arch	aarch64
distroversion	v3.18
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 115.9.0-r0

Latest_non_vulnerable_version 115.17.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2a4c-pjqa-63bv

vulnerability_id VCID-2a4c-pjqa-63bv

summary A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1550

reference_id

reference_type

scores

value	0.00202
scoring_system	epss
scoring_elements	0.42246
published_at	2026-06-06T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42235
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265353
reference_id	2265353
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265353

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1860065

reference_id

show_bug.cgi?id=1860065

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1860065

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

aliases CVE-2024-1550

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2a4c-pjqa-63bv

url VCID-3hnn-u3at-bqb8

vulnerability_id VCID-3hnn-u3at-bqb8

summary A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1548

reference_id

reference_type

scores

value	0.00379
scoring_system	epss
scoring_elements	0.59745
published_at	2026-06-05T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59749
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265351
reference_id	2265351
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265351

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1832627

reference_id

show_bug.cgi?id=1832627

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1832627

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

aliases CVE-2024-1548

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3hnn-u3at-bqb8

url VCID-4qhn-ntkb-8bh5

vulnerability_id VCID-4qhn-ntkb-8bh5

summary Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1551

reference_id

reference_type

scores

value	0.00291
scoring_system	epss
scoring_elements	0.5279
published_at	2026-06-06T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52784
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265354
reference_id	2265354
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265354

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1864385

reference_id

show_bug.cgi?id=1864385

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1864385

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

aliases CVE-2024-1551

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qhn-ntkb-8bh5

url VCID-bbr4-fhcs-63gz

vulnerability_id VCID-bbr4-fhcs-63gz

summary If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1549

reference_id

reference_type

scores

value	0.00339
scoring_system	epss
scoring_elements	0.5694
published_at	2026-06-05T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56947
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265352
reference_id	2265352
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265352

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1833814

reference_id

show_bug.cgi?id=1833814

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1833814

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

aliases CVE-2024-1549

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbr4-fhcs-63gz

url VCID-r461-99bu-nuet

vulnerability_id VCID-r461-99bu-nuet

summary Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1553

reference_id

reference_type

scores

value	0.00435
scoring_system	epss
scoring_elements	0.63296
published_at	2026-06-05T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.63303
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1553

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265356
reference_id	2265356
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265356

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286

reference_id

buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

aliases CVE-2024-1553

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r461-99bu-nuet

url VCID-s7f5-djtj-yub2

vulnerability_id VCID-s7f5-djtj-yub2

summary When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1546

reference_id

reference_type

scores

value	0.00499
scoring_system	epss
scoring_elements	0.66313
published_at	2026-06-05T12:55:00Z

value	0.00499
scoring_system	epss
scoring_elements	0.66321
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265349
reference_id	2265349
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265349

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843752

reference_id

show_bug.cgi?id=1843752

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843752

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

aliases CVE-2024-1546

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s7f5-djtj-yub2

url VCID-vkdm-dx92-zbbx

vulnerability_id VCID-vkdm-dx92-zbbx

summary Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1547

reference_id

reference_type

scores

value	0.0073
scoring_system	epss
scoring_elements	0.73085
published_at	2026-06-05T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.73091
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265350
reference_id	2265350
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265350

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1877879

reference_id

show_bug.cgi?id=1877879

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1877879

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

aliases CVE-2024-1547

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkdm-dx92-zbbx

url VCID-y94b-bdrg-fbh2

vulnerability_id VCID-y94b-bdrg-fbh2

summary Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1552

reference_id

reference_type

scores

value	0.00283
scoring_system	epss
scoring_elements	0.51984
published_at	2026-06-05T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51993
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265355
reference_id	2265355
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265355

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1874502

reference_id

show_bug.cgi?id=1874502

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1874502

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.8.0-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

aliases CVE-2024-1552

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y94b-bdrg-fbh2

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.8.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

Package Instance