Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/83387?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "type": "ebuild", "namespace": "www-client", "name": "firefox-bin", "version": "123.3.1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "124.0.1", "latest_non_vulnerable_version": "137.0.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36136?format=api", "vulnerability_id": "VCID-1z5d-4wfm-8yfk", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9396.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39539", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39555", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39593", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39597", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39513", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39574", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39583", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39567", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9396" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315954", "reference_id": "2315954", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315954" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912471", "reference_id": "show_bug.cgi?id=1912471", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912471" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9396" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1z5d-4wfm-8yfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57338?format=api", "vulnerability_id": "VCID-253e-56sw-77b1", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6611", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69133", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69184", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69136", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69154", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69212", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69227", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69205", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69185", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6611" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1844827", "reference_id": "show_bug.cgi?id=1844827", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1844827" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6611" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-253e-56sw-77b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36106?format=api", "vulnerability_id": "VCID-2cuh-xyst-rbgv", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54859", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54883", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54848", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54841", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54872", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.549", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54888", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7518" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303135", "reference_id": "2303135", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303135" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1875354", "reference_id": "show_bug.cgi?id=1875354", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1875354" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7518" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2cuh-xyst-rbgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57353?format=api", "vulnerability_id": "VCID-2j6k-5q8j-3fbc", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9680.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9680.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9680", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30808", "scoring_system": "epss", "scoring_elements": "0.96725", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.30808", "scoring_system": "epss", "scoring_elements": "0.96728", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.30808", "scoring_system": "epss", "scoring_elements": "0.96714", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.30808", "scoring_system": "epss", "scoring_elements": "0.96722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.30808", "scoring_system": "epss", "scoring_elements": "0.96723", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.31347", "scoring_system": "epss", "scoring_elements": "0.96757", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.31347", "scoring_system": "epss", "scoring_elements": "0.96755", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9680" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9680", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9680" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084989", "reference_id": "1084989", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084989" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317442", "reference_id": "2317442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317442" }, { "reference_url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039", "reference_id": "CVE-2024-49039", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/" } ], "url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-51", "reference_id": "mfsa2024-51", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-51/", "reference_id": "mfsa2024-51", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-51/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-52", "reference_id": "mfsa2024-52", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-52" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-52/", "reference_id": "mfsa2024-52", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-52/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7958", "reference_id": "RHSA-2024:7958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7977", "reference_id": "RHSA-2024:7977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8024", "reference_id": "RHSA-2024:8024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8025", "reference_id": "RHSA-2024:8025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8026", "reference_id": "RHSA-2024:8026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8027", "reference_id": "RHSA-2024:8027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8028", "reference_id": "RHSA-2024:8028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8029", "reference_id": "RHSA-2024:8029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8030", "reference_id": "RHSA-2024:8030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8031", "reference_id": "RHSA-2024:8031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8032", "reference_id": "RHSA-2024:8032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8033", "reference_id": "RHSA-2024:8033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8034", "reference_id": "RHSA-2024:8034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8131", "reference_id": "RHSA-2024:8131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8167", "reference_id": "RHSA-2024:8167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8176", "reference_id": "RHSA-2024:8176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1923344", "reference_id": "show_bug.cgi?id=1923344", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1923344" }, { "reference_url": "https://usn.ubuntu.com/7065-1/", "reference_id": "USN-7065-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7065-1/" }, { "reference_url": "https://usn.ubuntu.com/7066-1/", "reference_id": "USN-7066-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7066-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9680" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2j6k-5q8j-3fbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36107?format=api", "vulnerability_id": "VCID-2pvz-3cmq-53dk", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7519.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7519.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58793", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58763", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.5883", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58812", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58784", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58805", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58753", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303136", "reference_id": "2303136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303136" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-38/", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902307", "reference_id": "show_bug.cgi?id=1902307", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902307" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7519" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2pvz-3cmq-53dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36122?format=api", "vulnerability_id": "VCID-3ayf-d2s1-67ff", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8382.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8382.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47431", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47401", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47456", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47457", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47451", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47476", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8382" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309428", "reference_id": "2309428", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309428" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-39/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-40/", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-41", "reference_id": "mfsa2024-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-41/", "reference_id": "mfsa2024-41", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-41/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-44", "reference_id": "mfsa2024-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-44/", "reference_id": "mfsa2024-44", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-44/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6681", "reference_id": "RHSA-2024:6681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6682", "reference_id": "RHSA-2024:6682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6683", "reference_id": "RHSA-2024:6683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6684", "reference_id": "RHSA-2024:6684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6719", "reference_id": "RHSA-2024:6719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6720", "reference_id": "RHSA-2024:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6721", "reference_id": "RHSA-2024:6721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6722", "reference_id": "RHSA-2024:6722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6723", "reference_id": "RHSA-2024:6723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6782", "reference_id": "RHSA-2024:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6786", "reference_id": "RHSA-2024:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6816", "reference_id": "RHSA-2024:6816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6838", "reference_id": "RHSA-2024:6838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6850", "reference_id": "RHSA-2024:6850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6891", "reference_id": "RHSA-2024:6891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6892", "reference_id": "RHSA-2024:6892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906744", "reference_id": "show_bug.cgi?id=1906744", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906744" }, { "reference_url": "https://usn.ubuntu.com/6992-1/", "reference_id": "USN-6992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6992-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8382" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ayf-d2s1-67ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36128?format=api", "vulnerability_id": "VCID-3sjh-f264-m3g7", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.6771", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67668", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67735", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.6772", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67669", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67688", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67744", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67759", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309433", "reference_id": "2309433", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309433" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009", "reference_id": "buglist.cgi?bug_id=1857607%2C1911858%2C1914009", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-39/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-40/", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6681", "reference_id": "RHSA-2024:6681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6682", "reference_id": "RHSA-2024:6682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6683", "reference_id": "RHSA-2024:6683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6684", "reference_id": "RHSA-2024:6684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6719", "reference_id": "RHSA-2024:6719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6720", "reference_id": "RHSA-2024:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6721", "reference_id": "RHSA-2024:6721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6722", "reference_id": "RHSA-2024:6722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6723", "reference_id": "RHSA-2024:6723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6782", "reference_id": "RHSA-2024:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6786", "reference_id": "RHSA-2024:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6816", "reference_id": "RHSA-2024:6816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6838", "reference_id": "RHSA-2024:6838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6850", "reference_id": "RHSA-2024:6850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6891", "reference_id": "RHSA-2024:6891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6892", "reference_id": "RHSA-2024:6892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6892" }, { "reference_url": "https://usn.ubuntu.com/6992-1/", "reference_id": "USN-6992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6992-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8387" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3sjh-f264-m3g7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36111?format=api", "vulnerability_id": "VCID-4jfr-pz41-gfbz", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7523", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30151", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30143", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30203", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30241", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30198", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30279", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7523" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:41:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908344", "reference_id": "show_bug.cgi?id=1908344", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:41:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908344" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7523" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4jfr-pz41-gfbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57333?format=api", "vulnerability_id": "VCID-4vg5-9865-s3b2", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40568", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.4054", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40595", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40559", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40596", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40577", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40567", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6606" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T16:02:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T16:02:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902305", "reference_id": "show_bug.cgi?id=1902305", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T16:02:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902305" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6606" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4vg5-9865-s3b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36130?format=api", "vulnerability_id": "VCID-62zr-8w1c-bydt", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8394.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8394.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58389", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58353", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58406", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58412", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58429", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58408", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58359", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58379", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8394" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310481", "reference_id": "2310481", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310481" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T19:38:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6683", "reference_id": "RHSA-2024:6683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6684", "reference_id": "RHSA-2024:6684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6719", "reference_id": "RHSA-2024:6719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6720", "reference_id": "RHSA-2024:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6721", "reference_id": "RHSA-2024:6721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6722", "reference_id": "RHSA-2024:6722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6723", "reference_id": "RHSA-2024:6723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6816", "reference_id": "RHSA-2024:6816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6816" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895737", "reference_id": "show_bug.cgi?id=1895737", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T19:38:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895737" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8394" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-62zr-8w1c-bydt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57340?format=api", "vulnerability_id": "VCID-6qv9-5wrf-cfee", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6613", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22966", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2301", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22802", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22876", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22928", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22947", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2291", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6613" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-22T17:43:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-22T17:43:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1900523", "reference_id": "show_bug.cgi?id=1900523", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-22T17:43:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1900523" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6613" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qv9-5wrf-cfee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36116?format=api", "vulnerability_id": "VCID-957q-jagj-9kg7", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7527.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7527.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47003", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46996", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47023", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46999", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46981", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46998", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47001", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46947", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303144", "reference_id": "2303144", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303144" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-38/", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1871303", "reference_id": "show_bug.cgi?id=1871303", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1871303" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7527" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-957q-jagj-9kg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36142?format=api", "vulnerability_id": "VCID-9caj-c15z-xuf5", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9403.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9403.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28254", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28242", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.2845", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28312", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28351", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28308", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9403" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315947", "reference_id": "2315947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315947" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1917807", "reference_id": "show_bug.cgi?id=1917807", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1917807" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9403" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9caj-c15z-xuf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36131?format=api", "vulnerability_id": "VCID-b6ug-rdyx-4uaw", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8900.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44151", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44136", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44133", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44082", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44119", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44152", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312914", "reference_id": "2312914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312914" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1872841", "reference_id": "show_bug.cgi?id=1872841", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1872841" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8900" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ug-rdyx-4uaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36139?format=api", "vulnerability_id": "VCID-bsnh-1chq-z7ae", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9400.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9400.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33808", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33832", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33874", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33876", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33802", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33949", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33917", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9400" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315953", "reference_id": "2315953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315953" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915249", "reference_id": "show_bug.cgi?id=1915249", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915249" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9400" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsnh-1chq-z7ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57346?format=api", "vulnerability_id": "VCID-bt2a-qhce-zqcc", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7530", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67562", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.6754", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67592", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67605", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67628", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67614", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67541", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7530" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-08T17:53:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1904011", "reference_id": "show_bug.cgi?id=1904011", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-08T17:53:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1904011" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7530" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bt2a-qhce-zqcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36112?format=api", "vulnerability_id": "VCID-cmr4-6stm-jfe9", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7524.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7524.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53049", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52996", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53032", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53038", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.5302", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53081", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303141", "reference_id": "2303141", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303141" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909241", "reference_id": "show_bug.cgi?id=1909241", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909241" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7524" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cmr4-6stm-jfe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36132?format=api", "vulnerability_id": "VCID-dmnj-pt27-3bge", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57978", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57972", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57948", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58003", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58005", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57999", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57953", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9391" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315948", "reference_id": "2315948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315948" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1892407", "reference_id": "show_bug.cgi?id=1892407", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1892407" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9391" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmnj-pt27-3bge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36108?format=api", "vulnerability_id": "VCID-drjc-gxrt-q7ha", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7520.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7520.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7520", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.70932", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.70948", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.70964", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.70941", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.70926", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.70889", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.70882", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.70907", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7520" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303137", "reference_id": "2303137", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303137" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1903041", "reference_id": "show_bug.cgi?id=1903041", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1903041" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7520" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-drjc-gxrt-q7ha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57341?format=api", "vulnerability_id": "VCID-dzdd-y6rv-dbe2", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6614", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43742", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43725", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.437", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43741", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43773", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43753", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.4375", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6614" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:13:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:13:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902983", "reference_id": "show_bug.cgi?id=1902983", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:13:04Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902983" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6614" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzdd-y6rv-dbe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36102?format=api", "vulnerability_id": "VCID-frvc-mqhd-eydh", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6601.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6601.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29651", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29703", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29784", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29646", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29708", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.2983", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29747", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29745", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296636", "reference_id": "2296636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296636" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-30/", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-31/", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4500", "reference_id": "RHSA-2024:4500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4501", "reference_id": "RHSA-2024:4501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4508", "reference_id": "RHSA-2024:4508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4517", "reference_id": "RHSA-2024:4517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4586", "reference_id": "RHSA-2024:4586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4590", "reference_id": "RHSA-2024:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4610", "reference_id": "RHSA-2024:4610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4624", "reference_id": "RHSA-2024:4624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4625", "reference_id": "RHSA-2024:4625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4634", "reference_id": "RHSA-2024:4634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4635", "reference_id": "RHSA-2024:4635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4670", "reference_id": "RHSA-2024:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4671", "reference_id": "RHSA-2024:4671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4673", "reference_id": "RHSA-2024:4673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4717", "reference_id": "RHSA-2024:4717", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4717" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4718", "reference_id": "RHSA-2024:4718", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4718" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4894", "reference_id": "RHSA-2024:4894", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4894" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1890748", "reference_id": "show_bug.cgi?id=1890748", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1890748" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" }, { "reference_url": "https://usn.ubuntu.com/6903-1/", "reference_id": "USN-6903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6601" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-frvc-mqhd-eydh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57334?format=api", "vulnerability_id": "VCID-geqm-dd33-cuc5", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.7606", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76118", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76073", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76092", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76145", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.7612", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76106", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6607" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T21:34:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T21:34:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1694513", "reference_id": "show_bug.cgi?id=1694513", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T21:34:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1694513" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6607" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-geqm-dd33-cuc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36119?format=api", "vulnerability_id": "VCID-gret-hn3p-5kbk", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19549", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19297", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19353", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19266", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19345", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19502", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19397", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303148", "reference_id": "2303148", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303148" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1905691", "reference_id": "show_bug.cgi?id=1905691", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1905691" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7531" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gret-hn3p-5kbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36125?format=api", "vulnerability_id": "VCID-hetc-sghb-1fcx", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8384.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8384.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55177", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55218", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55237", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55226", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55176", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55201", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8384" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309430", "reference_id": "2309430", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309430" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-39/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-40/", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-41", "reference_id": "mfsa2024-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-41/", "reference_id": "mfsa2024-41", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-41/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-44", "reference_id": "mfsa2024-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-44/", "reference_id": "mfsa2024-44", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-44/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6681", "reference_id": "RHSA-2024:6681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6682", "reference_id": "RHSA-2024:6682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6683", "reference_id": "RHSA-2024:6683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6684", "reference_id": "RHSA-2024:6684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6719", "reference_id": "RHSA-2024:6719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6720", "reference_id": "RHSA-2024:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6721", "reference_id": "RHSA-2024:6721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6722", "reference_id": "RHSA-2024:6722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6723", "reference_id": "RHSA-2024:6723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6782", "reference_id": "RHSA-2024:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6786", "reference_id": "RHSA-2024:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6816", "reference_id": "RHSA-2024:6816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6838", "reference_id": "RHSA-2024:6838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6850", "reference_id": "RHSA-2024:6850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6891", "reference_id": "RHSA-2024:6891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6892", "reference_id": "RHSA-2024:6892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288", "reference_id": "show_bug.cgi?id=1911288", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288" }, { "reference_url": "https://usn.ubuntu.com/6992-1/", "reference_id": "USN-6992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6992-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8384" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hetc-sghb-1fcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36134?format=api", "vulnerability_id": "VCID-hu6v-g43k-9uep", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52074", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52039", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52005", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52059", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52056", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52108", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52091", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52013", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9395" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315958", "reference_id": "2315958", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315958" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906024", "reference_id": "show_bug.cgi?id=1906024", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906024" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9395" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hu6v-g43k-9uep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36141?format=api", "vulnerability_id": "VCID-jebk-6hja-ukfc", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9402.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9402.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31753", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31789", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31829", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31826", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31926", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31883", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9402" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315951", "reference_id": "2315951", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315951" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476", "reference_id": "buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7505", "reference_id": "RHSA-2024:7505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9402" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jebk-6hja-ukfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36124?format=api", "vulnerability_id": "VCID-jt6f-rpfx-7kbj", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8383.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44939", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44976", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44954", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44953", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.4496", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44946", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44944", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8383" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309429", "reference_id": "2309429", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309429" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-39/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-40/", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-41", "reference_id": "mfsa2024-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-41/", "reference_id": "mfsa2024-41", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-41/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6681", "reference_id": "RHSA-2024:6681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6682", "reference_id": "RHSA-2024:6682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6782", "reference_id": "RHSA-2024:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6786", "reference_id": "RHSA-2024:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6838", "reference_id": "RHSA-2024:6838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6850", "reference_id": "RHSA-2024:6850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6891", "reference_id": "RHSA-2024:6891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6892", "reference_id": "RHSA-2024:6892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908496", "reference_id": "show_bug.cgi?id=1908496", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1908496" }, { "reference_url": "https://usn.ubuntu.com/6992-1/", "reference_id": "USN-6992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6992-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8383" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jt6f-rpfx-7kbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36137?format=api", "vulnerability_id": "VCID-k3ec-bt9r-pkhg", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9397.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9397.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44456", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44486", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.4447", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44463", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44412", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44476", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44455", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9397" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315949", "reference_id": "2315949", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315949" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1916659", "reference_id": "show_bug.cgi?id=1916659", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1916659" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9397" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ec-bt9r-pkhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36133?format=api", "vulnerability_id": "VCID-ka9e-ps8e-ryc8", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35131", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35166", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35162", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35091", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35136", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35181", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.3521", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315959", "reference_id": "2315959", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315959" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-48/", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7505", "reference_id": "RHSA-2024:7505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1899154", "reference_id": "show_bug.cgi?id=1899154", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1899154" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1905843", "reference_id": "show_bug.cgi?id=1905843", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1905843" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9392" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ka9e-ps8e-ryc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36138?format=api", "vulnerability_id": "VCID-kpun-mgtm-5uhd", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9399.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49347", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49349", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49304", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49321", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49353", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49358", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9399" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315945", "reference_id": "2315945", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315945" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907726", "reference_id": "show_bug.cgi?id=1907726", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907726" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9399" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kpun-mgtm-5uhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36129?format=api", "vulnerability_id": "VCID-mj7u-bpwq-jkhu", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8389.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72464", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.7244", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72417", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72456", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72492", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72474", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72423", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8389" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309435", "reference_id": "2309435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309435" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1907230%2C1909367", "reference_id": "buglist.cgi?bug_id=1907230%2C1909367", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:39:40Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1907230%2C1909367" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:39:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-39/" }, { "reference_url": "https://usn.ubuntu.com/6992-1/", "reference_id": "USN-6992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6992-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8389" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mj7u-bpwq-jkhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57339?format=api", "vulnerability_id": "VCID-muvd-ax39-5qf7", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6612", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50747", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50775", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50703", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50722", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50799", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50755", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50759", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6612" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:29:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:29:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1880374", "reference_id": "show_bug.cgi?id=1880374", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:29:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1880374" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6612" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-muvd-ax39-5qf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57336?format=api", "vulnerability_id": "VCID-paez-g9wh-mfeq", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.68638", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.68664", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.68694", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.68707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.68614", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.6862", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.68683", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00572", "scoring_system": "epss", "scoring_elements": "0.68665", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6609" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839258", "reference_id": "show_bug.cgi?id=1839258", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839258" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6609" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-paez-g9wh-mfeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36127?format=api", "vulnerability_id": "VCID-pst5-367g-h7cs", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8386.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8386.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.5057", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.5058", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50578", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50523", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50595", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50617", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50543", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8386" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309432", "reference_id": "2309432", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309432" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-39/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-40/", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6681", "reference_id": "RHSA-2024:6681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6682", "reference_id": "RHSA-2024:6682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6683", "reference_id": "RHSA-2024:6683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6684", "reference_id": "RHSA-2024:6684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6719", "reference_id": "RHSA-2024:6719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6720", "reference_id": "RHSA-2024:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6721", "reference_id": "RHSA-2024:6721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6722", "reference_id": "RHSA-2024:6722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6723", "reference_id": "RHSA-2024:6723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6782", "reference_id": "RHSA-2024:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6786", "reference_id": "RHSA-2024:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6816", "reference_id": "RHSA-2024:6816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6838", "reference_id": "RHSA-2024:6838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6850", "reference_id": "RHSA-2024:6850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6891", "reference_id": "RHSA-2024:6891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6892", "reference_id": "RHSA-2024:6892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907032", "reference_id": "show_bug.cgi?id=1907032", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1907032" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909163", "reference_id": "show_bug.cgi?id=1909163", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909163" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909529", "reference_id": "show_bug.cgi?id=1909529", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909529" }, { "reference_url": "https://usn.ubuntu.com/6992-1/", "reference_id": "USN-6992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6992-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8386" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pst5-367g-h7cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36126?format=api", "vulnerability_id": "VCID-qd97-asaa-2fey", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8385.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8385.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51224", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51181", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51219", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51206", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51238", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51259", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8385" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309431", "reference_id": "2309431", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309431" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-39/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-40/", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6681", "reference_id": "RHSA-2024:6681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6682", "reference_id": "RHSA-2024:6682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6683", "reference_id": "RHSA-2024:6683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6684", "reference_id": "RHSA-2024:6684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6719", "reference_id": "RHSA-2024:6719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6720", "reference_id": "RHSA-2024:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6721", "reference_id": "RHSA-2024:6721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6722", "reference_id": "RHSA-2024:6722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6723", "reference_id": "RHSA-2024:6723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6782", "reference_id": "RHSA-2024:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6786", "reference_id": "RHSA-2024:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6816", "reference_id": "RHSA-2024:6816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6838", "reference_id": "RHSA-2024:6838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6850", "reference_id": "RHSA-2024:6850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6891", "reference_id": "RHSA-2024:6891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6892", "reference_id": "RHSA-2024:6892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911909", "reference_id": "show_bug.cgi?id=1911909", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911909" }, { "reference_url": "https://usn.ubuntu.com/6992-1/", "reference_id": "USN-6992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6992-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8385" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qd97-asaa-2fey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57335?format=api", "vulnerability_id": "VCID-qgte-aw18-wuev", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31265", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31127", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31126", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31306", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31171", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31214", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31209", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31178", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6608" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:06:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:06:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329", "reference_id": "show_bug.cgi?id=1743329", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:06:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743329" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6608" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgte-aw18-wuev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57342?format=api", "vulnerability_id": "VCID-qw18-3u5b-e7dt", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69166", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69195", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69238", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69147", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69145", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69215", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69196", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6615" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364", "reference_id": "buglist.cgi?bug_id=1892875%2C1894428%2C1898364", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:05:12Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:05:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:05:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6615" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qw18-3u5b-e7dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57337?format=api", "vulnerability_id": "VCID-r27v-bxdj-7fgk", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6610", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25072", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24917", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24885", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.2511", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25012", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24998", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24953", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6610" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:20:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:20:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883396", "reference_id": "show_bug.cgi?id=1883396", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:20:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883396" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6610" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r27v-bxdj-7fgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36110?format=api", "vulnerability_id": "VCID-s556-eg79-77gu", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7522.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7522.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47942", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47933", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47955", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47884", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47936", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47931", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303139", "reference_id": "2303139", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303139" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-38/", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906727", "reference_id": "show_bug.cgi?id=1906727", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1906727" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7522" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s556-eg79-77gu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36104?format=api", "vulnerability_id": "VCID-svqy-5b6h-7yfj", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6603.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57067", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.5709", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57048", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57098", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57069", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57111", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.571", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296638", "reference_id": "2296638", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296638" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-30/", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-31/", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4500", "reference_id": "RHSA-2024:4500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4501", "reference_id": "RHSA-2024:4501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4508", "reference_id": "RHSA-2024:4508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4517", "reference_id": "RHSA-2024:4517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4586", "reference_id": "RHSA-2024:4586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4590", "reference_id": "RHSA-2024:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4610", "reference_id": "RHSA-2024:4610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4624", "reference_id": "RHSA-2024:4624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4625", "reference_id": "RHSA-2024:4625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4634", "reference_id": "RHSA-2024:4634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4635", "reference_id": "RHSA-2024:4635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4670", "reference_id": "RHSA-2024:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4671", "reference_id": "RHSA-2024:4671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4673", "reference_id": "RHSA-2024:4673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4717", "reference_id": "RHSA-2024:4717", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4717" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4718", "reference_id": "RHSA-2024:4718", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4718" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4894", "reference_id": "RHSA-2024:4894", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4894" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895081", "reference_id": "show_bug.cgi?id=1895081", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895081" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" }, { "reference_url": "https://usn.ubuntu.com/6903-1/", "reference_id": "USN-6903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6603" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-svqy-5b6h-7yfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36105?format=api", "vulnerability_id": "VCID-t52p-7rr7-57ax", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6604.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6604.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6604", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59486", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.5949", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59522", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59503", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296639", "reference_id": "2296639", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296639" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266", "reference_id": "buglist.cgi?bug_id=1748105%2C1837550%2C1884266", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-30/", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-31/", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4500", "reference_id": "RHSA-2024:4500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4501", "reference_id": "RHSA-2024:4501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4508", "reference_id": "RHSA-2024:4508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4517", "reference_id": "RHSA-2024:4517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4586", "reference_id": "RHSA-2024:4586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4590", "reference_id": "RHSA-2024:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4610", "reference_id": "RHSA-2024:4610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4624", "reference_id": "RHSA-2024:4624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4625", "reference_id": "RHSA-2024:4625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4634", "reference_id": "RHSA-2024:4634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4635", "reference_id": "RHSA-2024:4635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4670", "reference_id": "RHSA-2024:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4671", "reference_id": "RHSA-2024:4671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4673", "reference_id": "RHSA-2024:4673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4717", "reference_id": "RHSA-2024:4717", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4717" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4718", "reference_id": "RHSA-2024:4718", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4718" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4894", "reference_id": "RHSA-2024:4894", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4894" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" }, { "reference_url": "https://usn.ubuntu.com/6903-1/", "reference_id": "USN-6903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6604" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t52p-7rr7-57ax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36109?format=api", "vulnerability_id": "VCID-tegn-2y58-t3de", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7521.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7521.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49431", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49411", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49429", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49458", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49437", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49391", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49445", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49441", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303138", "reference_id": "2303138", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303138" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-38/", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1904644", "reference_id": "show_bug.cgi?id=1904644", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1904644" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7521" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tegn-2y58-t3de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36121?format=api", "vulnerability_id": "VCID-ux24-3d83-23c6", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8381.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8381.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11622", "scoring_system": "epss", "scoring_elements": "0.93654", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11622", "scoring_system": "epss", "scoring_elements": "0.93646", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11622", "scoring_system": "epss", "scoring_elements": "0.93648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11622", "scoring_system": "epss", "scoring_elements": "0.93653", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.12468", "scoring_system": "epss", "scoring_elements": "0.93882", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12468", "scoring_system": "epss", "scoring_elements": "0.93891", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12468", "scoring_system": "epss", "scoring_elements": "0.93895", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8381" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309427", "reference_id": "2309427", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309427" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "reference_id": "mfsa2024-39", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-39/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-40/", "reference_id": "mfsa2024-40", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-41", "reference_id": "mfsa2024-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-41/", "reference_id": "mfsa2024-41", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-41/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", "reference_id": "mfsa2024-43", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-44", "reference_id": "mfsa2024-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-44/", "reference_id": "mfsa2024-44", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-44/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6681", "reference_id": "RHSA-2024:6681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6682", "reference_id": "RHSA-2024:6682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6683", "reference_id": "RHSA-2024:6683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6684", "reference_id": "RHSA-2024:6684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6719", "reference_id": "RHSA-2024:6719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6720", "reference_id": "RHSA-2024:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6721", "reference_id": "RHSA-2024:6721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6722", "reference_id": "RHSA-2024:6722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6723", "reference_id": "RHSA-2024:6723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6782", "reference_id": "RHSA-2024:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6786", "reference_id": "RHSA-2024:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6816", "reference_id": "RHSA-2024:6816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6838", "reference_id": "RHSA-2024:6838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6850", "reference_id": "RHSA-2024:6850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6891", "reference_id": "RHSA-2024:6891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6892", "reference_id": "RHSA-2024:6892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912715", "reference_id": "show_bug.cgi?id=1912715", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912715" }, { "reference_url": "https://usn.ubuntu.com/6992-1/", "reference_id": "USN-6992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6992-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-8381" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ux24-3d83-23c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36103?format=api", "vulnerability_id": "VCID-w794-gqex-83du", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6602.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.7349", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73497", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.7348", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73443", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73471", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73517", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296637", "reference_id": "2296637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296637" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-30/", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-31/", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4625", "reference_id": "RHSA-2024:4625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4670", "reference_id": "RHSA-2024:4670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4671", "reference_id": "RHSA-2024:4671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4717", "reference_id": "RHSA-2024:4717", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4717" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4718", "reference_id": "RHSA-2024:4718", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4718" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4894", "reference_id": "RHSA-2024:4894", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4894" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6839", "reference_id": "RHSA-2024:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6839" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032", "reference_id": "show_bug.cgi?id=1895032", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895032" }, { "reference_url": "https://usn.ubuntu.com/6890-1/", "reference_id": "USN-6890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6890-1/" }, { "reference_url": "https://usn.ubuntu.com/6903-1/", "reference_id": "USN-6903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-6602" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w794-gqex-83du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36115?format=api", "vulnerability_id": "VCID-xevc-xbcg-1yct", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7526.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7526.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50648", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50671", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50626", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50632", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50629", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303143", "reference_id": "2303143", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303143" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-38/", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1910306", "reference_id": "show_bug.cgi?id=1910306", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1910306" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7526" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xevc-xbcg-1yct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36114?format=api", "vulnerability_id": "VCID-xyqa-esey-73e1", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7525.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7525.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33437", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33549", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33461", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33502", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33582", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33421", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33465", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33499", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303142", "reference_id": "2303142", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303142" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-38/", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909298", "reference_id": "show_bug.cgi?id=1909298", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909298" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7525" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xyqa-esey-73e1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36118?format=api", "vulnerability_id": "VCID-z6kw-szww-7feq", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7529.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7529.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31818", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31947", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31853", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31892", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31988", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31808", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31861", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31889", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303146", "reference_id": "2303146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303146" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-34/", "reference_id": "mfsa2024-34", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-38/", "reference_id": "mfsa2024-38", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1903187", "reference_id": "show_bug.cgi?id=1903187", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1903187" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" }, { "reference_url": "https://usn.ubuntu.com/6995-1/", "reference_id": "USN-6995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6995-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7529" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6kw-szww-7feq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36140?format=api", "vulnerability_id": "VCID-z6yt-va55-s3ey", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40018", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40037", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40074", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40063", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40049", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39996", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40048", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40075", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315950", "reference_id": "2315950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315950" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476", "reference_id": "buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-48/", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7505", "reference_id": "RHSA-2024:7505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-9401" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6yt-va55-s3ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36117?format=api", "vulnerability_id": "VCID-zveb-b3t7-7yfg", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7528.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7528.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46865", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46857", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46884", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46861", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46841", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46808", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46859", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7528" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303145", "reference_id": "2303145", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303145" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202412-13", "reference_id": "GLSA-202412-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-33/", "reference_id": "mfsa2024-33", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-35/", "reference_id": "mfsa2024-35", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-37/", "reference_id": "mfsa2024-37", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-37/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5322", "reference_id": "RHSA-2024:5322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5323", "reference_id": "RHSA-2024:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5324", "reference_id": "RHSA-2024:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5325", "reference_id": "RHSA-2024:5325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5326", "reference_id": "RHSA-2024:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5327", "reference_id": "RHSA-2024:5327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5328", "reference_id": "RHSA-2024:5328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5329", "reference_id": "RHSA-2024:5329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5391", "reference_id": "RHSA-2024:5391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5392", "reference_id": "RHSA-2024:5392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5393", "reference_id": "RHSA-2024:5393", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5393" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5394", "reference_id": "RHSA-2024:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5395", "reference_id": "RHSA-2024:5395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5396", "reference_id": "RHSA-2024:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5402", "reference_id": "RHSA-2024:5402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5527", "reference_id": "RHSA-2024:5527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5528", "reference_id": "RHSA-2024:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5528" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895951", "reference_id": "show_bug.cgi?id=1895951", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895951" }, { "reference_url": "https://usn.ubuntu.com/6966-1/", "reference_id": "USN-6966-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6966-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83387?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@123.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83388?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.3.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/83389?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@131.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@131.0.2" } ], "aliases": [ "CVE-2024-7528" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zveb-b3t7-7yfg" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@123.3.1" }