Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox@125.0.1-1?distro=sid

Type deb

Namespace debian

Name firefox

Version 125.0.1-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 126.0-1

Latest_non_vulnerable_version 149.0.2-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-35af-887a-cbcg

vulnerability_id VCID-35af-887a-cbcg

summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3860

reference_id

reference_type

scores

value	0.00051
scoring_system	epss
scoring_elements	0.15635
published_at	2026-04-21T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15774
published_at	2026-04-09T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15742
published_at	2026-04-11T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15707
published_at	2026-04-12T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15642
published_at	2026-04-13T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15575
published_at	2026-04-16T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15585
published_at	2026-04-18T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15759
published_at	2026-04-02T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15826
published_at	2026-04-04T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.1563
published_at	2026-04-07T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15714
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3860

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T19:52:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1881417

reference_id

show_bug.cgi?id=1881417

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T19:52:58Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1881417

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3860

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35af-887a-cbcg

url VCID-3ekg-4fq3-4bdc

vulnerability_id VCID-3ekg-4fq3-4bdc

summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3856

reference_id

reference_type

scores

value	0.00345
scoring_system	epss
scoring_elements	0.57121
published_at	2026-04-18T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57099
published_at	2026-04-21T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69842
published_at	2026-04-16T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.698
published_at	2026-04-13T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69815
published_at	2026-04-12T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69807
published_at	2026-04-09T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69829
published_at	2026-04-11T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71629
published_at	2026-04-07T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71638
published_at	2026-04-02T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71656
published_at	2026-04-04T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71668
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3856

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T20:40:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1885829

reference_id

show_bug.cgi?id=1885829

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T20:40:01Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1885829

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3856

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ekg-4fq3-4bdc

url VCID-3pvs-3ppc-r7a5

vulnerability_id VCID-3pvs-3ppc-r7a5

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3857

reference_id

reference_type

scores

value	0.00125
scoring_system	epss
scoring_elements	0.31714
published_at	2026-04-21T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33303
published_at	2026-04-07T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33334
published_at	2026-04-18T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33319
published_at	2026-04-13T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33342
published_at	2026-04-12T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33383
published_at	2026-04-11T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.3338
published_at	2026-04-09T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33347
published_at	2026-04-08T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33433
published_at	2026-04-02T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33465
published_at	2026-04-04T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33358
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275550
reference_id	2275550
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275550

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1886683

reference_id

show_bug.cgi?id=1886683

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1886683

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3857

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3pvs-3ppc-r7a5

url VCID-4nqf-nxkj-x3g4

vulnerability_id VCID-4nqf-nxkj-x3g4

summary GetBoundName could return the wrong version of an object when JIT optimizations were applied.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3852.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3852.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3852

reference_id

reference_type

scores

value	0.0104
scoring_system	epss
scoring_elements	0.7746
published_at	2026-04-21T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78272
published_at	2026-04-07T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78333
published_at	2026-04-18T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78305
published_at	2026-04-13T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78312
published_at	2026-04-12T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78329
published_at	2026-04-11T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78303
published_at	2026-04-09T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78298
published_at	2026-04-08T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78259
published_at	2026-04-02T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.7829
published_at	2026-04-04T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78334
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275547
reference_id	2275547
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275547

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1883542

reference_id

show_bug.cgi?id=1883542

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1883542

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3852

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqf-nxkj-x3g4

url VCID-4q92-3x61-ukep

vulnerability_id VCID-4q92-3x61-ukep

summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3858

reference_id

reference_type

scores

value	0.00304
scoring_system	epss
scoring_elements	0.53591
published_at	2026-04-02T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53588
published_at	2026-04-07T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53619
published_at	2026-04-04T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67603
published_at	2026-04-21T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67588
published_at	2026-04-08T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67601
published_at	2026-04-09T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67624
published_at	2026-04-18T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.6761
published_at	2026-04-12T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67578
published_at	2026-04-13T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67612
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3858

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-17T18:23:22Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1888892

reference_id

show_bug.cgi?id=1888892

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-17T18:23:22Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1888892

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3858

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4q92-3x61-ukep

url VCID-5j1d-9624-y3e2

vulnerability_id VCID-5j1d-9624-y3e2

summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3862

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.33908
published_at	2026-04-21T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33986
published_at	2026-04-09T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33984
published_at	2026-04-11T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33942
published_at	2026-04-12T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33918
published_at	2026-04-13T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33955
published_at	2026-04-16T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.3394
published_at	2026-04-18T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.34026
published_at	2026-04-02T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.34057
published_at	2026-04-04T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33912
published_at	2026-04-07T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33954
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3862

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T18:20:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1884457

reference_id

show_bug.cgi?id=1884457

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T18:20:23Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1884457

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3862

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5j1d-9624-y3e2

url VCID-8sba-dejt-vqfp

vulnerability_id VCID-8sba-dejt-vqfp

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3861

reference_id

reference_type

scores

value	0.00119
scoring_system	epss
scoring_elements	0.30807
published_at	2026-04-21T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.3237
published_at	2026-04-07T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32397
published_at	2026-04-18T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32384
published_at	2026-04-13T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32411
published_at	2026-04-12T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32449
published_at	2026-04-11T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32446
published_at	2026-04-09T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32418
published_at	2026-04-08T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32512
published_at	2026-04-02T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32547
published_at	2026-04-04T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.3242
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275553
reference_id	2275553
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275553

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1883158

reference_id

show_bug.cgi?id=1883158

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1883158

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3861

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8sba-dejt-vqfp

url VCID-abt2-6a7f-pfba

vulnerability_id VCID-abt2-6a7f-pfba

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3864

reference_id

reference_type

scores

value	0.00983
scoring_system	epss
scoring_elements	0.76838
published_at	2026-04-21T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.77676
published_at	2026-04-04T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.77737
published_at	2026-04-18T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.777
published_at	2026-04-13T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.77702
published_at	2026-04-12T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.77718
published_at	2026-04-11T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.77692
published_at	2026-04-09T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.77686
published_at	2026-04-08T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.77658
published_at	2026-04-07T12:55:00Z

value	0.01067
scoring_system	epss
scoring_elements	0.77649
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275555
reference_id	2275555
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275555

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1888333

reference_id

show_bug.cgi?id=1888333

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1888333

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3864

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-abt2-6a7f-pfba

url VCID-ecs2-1xkw-wkga

vulnerability_id VCID-ecs2-1xkw-wkga

summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3855

reference_id

reference_type

scores

value	0.00165
scoring_system	epss
scoring_elements	0.37679
published_at	2026-04-11T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37652
published_at	2026-04-08T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37665
published_at	2026-04-09T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37664
published_at	2026-04-16T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37617
published_at	2026-04-13T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37645
published_at	2026-04-12T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37582
published_at	2026-04-21T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37646
published_at	2026-04-18T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43926
published_at	2026-04-07T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43974
published_at	2026-04-02T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43996
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3855

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:34:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1885828

reference_id

show_bug.cgi?id=1885828

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:34:26Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1885828

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3855

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ecs2-1xkw-wkga

url VCID-h5ub-djvf-nffv

vulnerability_id VCID-h5ub-djvf-nffv

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3302

reference_id

reference_type

scores

value	0.00097
scoring_system	epss
scoring_elements	0.26592
published_at	2026-04-21T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26629
published_at	2026-04-18T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26628
published_at	2026-04-07T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26657
published_at	2026-04-16T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26649
published_at	2026-04-13T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26706
published_at	2026-04-12T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.2675
published_at	2026-04-11T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26746
published_at	2026-04-09T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26695
published_at	2026-04-08T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26803
published_at	2026-04-02T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26843
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2273383
reference_id	2273383
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2273383

reference_url

https://kb.cert.org/vuls/id/421644

reference_id

421644

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://kb.cert.org/vuls/id/421644

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1881183

reference_id

show_bug.cgi?id=1881183

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1881183

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3302

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h5ub-djvf-nffv

url VCID-ku26-71r1-vfem

vulnerability_id VCID-ku26-71r1-vfem

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3854

reference_id

reference_type

scores

value	0.00928
scoring_system	epss
scoring_elements	0.76101
published_at	2026-04-21T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.77014
published_at	2026-04-07T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.77102
published_at	2026-04-18T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.7706
published_at	2026-04-13T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.77065
published_at	2026-04-12T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.77085
published_at	2026-04-11T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.77056
published_at	2026-04-09T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.77046
published_at	2026-04-08T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.77004
published_at	2026-04-02T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.77033
published_at	2026-04-04T12:55:00Z

value	0.01007
scoring_system	epss
scoring_elements	0.771
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275549
reference_id	2275549
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275549

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1884552

reference_id

show_bug.cgi?id=1884552

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1884552

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3854

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ku26-71r1-vfem

url VCID-mfs8-2vzs-pybf

vulnerability_id VCID-mfs8-2vzs-pybf

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3859

reference_id

reference_type

scores

value	0.01586
scoring_system	epss
scoring_elements	0.8165
published_at	2026-04-21T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.82358
published_at	2026-04-04T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.82433
published_at	2026-04-18T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.82398
published_at	2026-04-13T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.82404
published_at	2026-04-12T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.82407
published_at	2026-04-11T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.82388
published_at	2026-04-09T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.82381
published_at	2026-04-08T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.82354
published_at	2026-04-07T12:55:00Z

value	0.0172
scoring_system	epss
scoring_elements	0.8234
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275552
reference_id	2275552
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275552

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1874489

reference_id

show_bug.cgi?id=1874489

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1874489

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3859

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mfs8-2vzs-pybf

url VCID-rpnz-nsfq-97am

vulnerability_id VCID-rpnz-nsfq-97am

summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3865

reference_id

reference_type

scores

value	0.00278
scoring_system	epss
scoring_elements	0.51253
published_at	2026-04-21T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51222
published_at	2026-04-09T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51266
published_at	2026-04-11T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51244
published_at	2026-04-12T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.5123
published_at	2026-04-13T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51269
published_at	2026-04-16T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51276
published_at	2026-04-18T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51187
published_at	2026-04-02T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51213
published_at	2026-04-04T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.5117
published_at	2026-04-07T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51225
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1881076%2C1884887%2C1885359%2C1889049

reference_id

buglist.cgi?bug_id=1881076%2C1884887%2C1885359%2C1889049

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:48:47Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1881076%2C1884887%2C1885359%2C1889049

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:48:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3865

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rpnz-nsfq-97am

url VCID-s1mx-dkf3-p7f7

vulnerability_id VCID-s1mx-dkf3-p7f7

summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3853

reference_id

reference_type

scores

value	0.00092
scoring_system	epss
scoring_elements	0.25792
published_at	2026-04-21T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25923
published_at	2026-04-09T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25933
published_at	2026-04-11T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25891
published_at	2026-04-12T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25837
published_at	2026-04-13T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.2584
published_at	2026-04-16T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25821
published_at	2026-04-18T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25988
published_at	2026-04-02T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.2603
published_at	2026-04-04T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25801
published_at	2026-04-07T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25872
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3853

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:40:35Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1884427

reference_id

show_bug.cgi?id=1884427

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:40:35Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1884427

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@125.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@125.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2024-3853

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s1mx-dkf3-p7f7

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid

Package Instance