Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/77126?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "type": "ebuild", "namespace": "mail-client", "name": "thunderbird", "version": "115.10.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "115.11.0", "latest_non_vulnerable_version": "128.9.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47586?format=api", "vulnerability_id": "VCID-13hn-7fbd-mfhq", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66365", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.6635", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66307", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66325", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66277", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66281", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66314", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66358", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66338", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1553" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265356", "reference_id": "2265356", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265356" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286", "reference_id": "buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1553" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-13hn-7fbd-mfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47588?format=api", "vulnerability_id": "VCID-2zdh-azdw-tuav", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2609.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2609.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77312", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78203", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78159", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78166", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78133", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78121", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78151", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.7817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78174", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78191", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275551", "reference_id": "2275551", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275551" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-12", "reference_id": "mfsa2024-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-12/", "reference_id": "mfsa2024-12", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-12/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1866100", "reference_id": "show_bug.cgi?id=1866100", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1866100" }, { "reference_url": "https://usn.ubuntu.com/6703-1/", "reference_id": "USN-6703-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6703-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77510?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-2609" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zdh-azdw-tuav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47591?format=api", "vulnerability_id": "VCID-3pvs-3ppc-r7a5", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31714", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33303", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33334", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33319", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33342", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33383", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.3338", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33465", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33358", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275550", "reference_id": "2275550", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275550" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1886683", "reference_id": "show_bug.cgi?id=1886683", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1886683" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77510?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3857" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3pvs-3ppc-r7a5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47582?format=api", "vulnerability_id": "VCID-6b6h-x2km-u7fb", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5667", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56698", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56671", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56702", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5665", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.567", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56669", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5669", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56715", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265352", "reference_id": "2265352", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265352" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1833814", "reference_id": "show_bug.cgi?id=1833814", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1833814" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1549" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6b6h-x2km-u7fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47584?format=api", "vulnerability_id": "VCID-782n-nc6m-13ec", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52466", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52524", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52484", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52501", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52454", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52419", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52472", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52515", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5253", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265354", "reference_id": "2265354", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265354" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864385", "reference_id": "show_bug.cgi?id=1864385", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864385" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1551" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-782n-nc6m-13ec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47593?format=api", "vulnerability_id": "VCID-8sba-dejt-vqfp", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30807", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3237", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32397", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32384", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32411", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32449", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32446", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32418", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32512", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32547", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3242", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275553", "reference_id": "2275553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275553" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883158", "reference_id": "show_bug.cgi?id=1883158", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883158" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77510?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3861" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sba-dejt-vqfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47594?format=api", "vulnerability_id": "VCID-abt2-6a7f-pfba", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.76838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77676", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77737", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.777", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77702", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77718", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77692", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77686", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77658", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77649", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275555", "reference_id": "2275555", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275555" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888333", "reference_id": "show_bug.cgi?id=1888333", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888333" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77510?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3864" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-abt2-6a7f-pfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47579?format=api", "vulnerability_id": "VCID-b3jt-7h5q-vqgd", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65947", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65958", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65905", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.6587", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65874", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65908", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65952", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65934", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265349", "reference_id": "2265349", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265349" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843752", "reference_id": "show_bug.cgi?id=1843752", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843752" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1546" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b3jt-7h5q-vqgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47589?format=api", "vulnerability_id": "VCID-h5ub-djvf-nffv", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26592", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26629", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26657", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26649", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26706", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2675", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26746", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26695", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26803", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26843", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273383", "reference_id": "2273383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273383" }, { "reference_url": "https://kb.cert.org/vuls/id/421644", "reference_id": "421644", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://kb.cert.org/vuls/id/421644" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881183", "reference_id": "show_bug.cgi?id=1881183", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881183" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77510?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3302" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5ub-djvf-nffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47590?format=api", "vulnerability_id": "VCID-ku26-71r1-vfem", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76101", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77014", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77102", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.7706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77065", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77056", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77046", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77033", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.771", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275549", "reference_id": "2275549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275549" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884552", "reference_id": "show_bug.cgi?id=1884552", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884552" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77510?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3854" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ku26-71r1-vfem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47592?format=api", "vulnerability_id": "VCID-mfs8-2vzs-pybf", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01586", "scoring_system": "epss", "scoring_elements": "0.8165", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82358", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82433", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82404", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82407", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82381", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82354", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.8234", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275552", "reference_id": "2275552", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275552" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874489", "reference_id": "show_bug.cgi?id=1874489", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874489" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77510?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0" } ], "aliases": [ "CVE-2024-3859" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfs8-2vzs-pybf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47583?format=api", "vulnerability_id": "VCID-rbuu-mph9-7uay", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42325", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42317", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42341", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42291", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42319", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42304", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42332", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42273", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42244", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265353", "reference_id": "2265353", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265353" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860065", "reference_id": "show_bug.cgi?id=1860065", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860065" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1550" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rbuu-mph9-7uay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47585?format=api", "vulnerability_id": "VCID-ss1w-euua-83gz", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51719", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51739", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51669", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51684", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51629", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51644", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51732", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51691", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51707", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51729", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.5168", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265355", "reference_id": "2265355", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265355" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874502", "reference_id": "show_bug.cgi?id=1874502", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874502" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1552" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ss1w-euua-83gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47587?format=api", "vulnerability_id": "VCID-yg34-x56m-rufk", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1936.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1936.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58524", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.5848", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58451", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58503", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58509", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58526", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58507", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58487", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58519", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58461", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268171", "reference_id": "2268171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268171" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-11", "reference_id": "mfsa2024-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-11/", "reference_id": "mfsa2024-11", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-11/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1492", "reference_id": "RHSA-2024:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1493", "reference_id": "RHSA-2024:1493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1494", "reference_id": "RHSA-2024:1494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1495", "reference_id": "RHSA-2024:1495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1496", "reference_id": "RHSA-2024:1496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1497", "reference_id": "RHSA-2024:1497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1498", "reference_id": "RHSA-2024:1498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1498" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1499", "reference_id": "RHSA-2024:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1500", "reference_id": "RHSA-2024:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1500" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860977", "reference_id": "show_bug.cgi?id=1860977", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860977" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1936" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yg34-x56m-rufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47581?format=api", "vulnerability_id": "VCID-z52c-v64a-nyhb", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55851", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55877", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55863", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55812", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55811", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55873", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55837", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55876", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55866", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265351", "reference_id": "2265351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265351" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1832627", "reference_id": "show_bug.cgi?id=1832627", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1832627" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1548" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z52c-v64a-nyhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47580?format=api", "vulnerability_id": "VCID-z5ts-p4r1-bkh6", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69692", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69711", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69623", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69652", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69601", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69702", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69661", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69676", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69691", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69669", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265350", "reference_id": "2265350", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265350" }, { "reference_url": "https://security.gentoo.org/glsa/202405-15", "reference_id": "GLSA-202405-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-15" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "reference_id": "mfsa2024-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "reference_id": "mfsa2024-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "reference_id": "mfsa2024-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0952", "reference_id": "RHSA-2024:0952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0955", "reference_id": "RHSA-2024:0955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0957", "reference_id": "RHSA-2024:0957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0958", "reference_id": "RHSA-2024:0958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0959", "reference_id": "RHSA-2024:0959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0960", "reference_id": "RHSA-2024:0960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0961", "reference_id": "RHSA-2024:0961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0962", "reference_id": "RHSA-2024:0962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0963", "reference_id": "RHSA-2024:0963", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0963" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0964", "reference_id": "RHSA-2024:0964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0968", "reference_id": "RHSA-2024:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0969", "reference_id": "RHSA-2024:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0970", "reference_id": "RHSA-2024:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0971", "reference_id": "RHSA-2024:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0972", "reference_id": "RHSA-2024:0972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0976", "reference_id": "RHSA-2024:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0983", "reference_id": "RHSA-2024:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0984", "reference_id": "RHSA-2024:0984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0984" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1877879", "reference_id": "show_bug.cgi?id=1877879", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1877879" }, { "reference_url": "https://usn.ubuntu.com/6649-1/", "reference_id": "USN-6649-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6649-1/" }, { "reference_url": "https://usn.ubuntu.com/6669-1/", "reference_id": "USN-6669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6669-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77126?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@115.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" } ], "aliases": [ "CVE-2024-1547" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5ts-p4r1-bkh6" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0" }