{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","type":"ebuild","namespace":"www-client","name":"firefox","version":"128.6.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"128.9.0","latest_non_vulnerable_version":"137.0.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/862?format=json","vulnerability_id":"VCID-18e1-p2pr-6ubc","summary":"Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0247.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0247.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0247","reference_id":"","reference_type":"","scores":[{"value":"0.19171","scoring_system":"epss","scoring_elements":"0.9548","published_at":"2026-06-05T12:55:00Z"},{"value":"0.19171","scoring_system":"epss","scoring_elements":"0.95485","published_at":"2026-06-07T12:55:00Z"},{"value":"0.19171","scoring_system":"epss","scoring_elements":"0.95483","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0247"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336176","reference_id":"2336176","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336176"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173","reference_id":"buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T14:52:46Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T14:52:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T14:52:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2025-0247"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-18e1-p2pr-6ubc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85?format=json","vulnerability_id":"VCID-1qpv-uzu1-g3dc","summary":"A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the SEC_ASN1DecodeItem_Util function, when handling malformed or improperly formatted input files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11706.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11706.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11706","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38094","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38069","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38097","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11706"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328951","reference_id":"2328951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328951"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923767","reference_id":"show_bug.cgi?id=1923767","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923767"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11706"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qpv-uzu1-g3dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109?format=json","vulnerability_id":"VCID-34s2-6xpa-gfcw","summary":"Video frames could have been leaked between origins in some situations.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10463","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64876","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64887","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64877","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322439","reference_id":"2322439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322439"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920800","reference_id":"show_bug.cgi?id=1920800","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920800"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10463"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-34s2-6xpa-gfcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/778?format=json","vulnerability_id":"VCID-3fcq-bsy8-gbgd","summary":"When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0241","reference_id":"","reference_type":"","scores":[{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27368","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27328","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27418","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336168","reference_id":"2336168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336168"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1933023","reference_id":"show_bug.cgi?id=1933023","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1933023"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2025-0241"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3fcq-bsy8-gbgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78?format=json","vulnerability_id":"VCID-3g2k-au3t-a7c9","summary":"Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11694","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35163","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.352","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35185","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328941","reference_id":"2328941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328941"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65","reference_id":"mfsa2024-65","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-65/","reference_id":"mfsa2024-65","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-65/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-70","reference_id":"mfsa2024-70","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-70"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-70/","reference_id":"mfsa2024-70","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-70/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924167","reference_id":"show_bug.cgi?id=1924167","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924167"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"},{"reference_url":"https://usn.ubuntu.com/7193-1/","reference_id":"USN-7193-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7193-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11694"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3g2k-au3t-a7c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74?format=json","vulnerability_id":"VCID-4grd-ngdg-aqft","summary":"An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11692","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24163","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24218","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24235","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328946","reference_id":"2328946","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328946"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909535","reference_id":"show_bug.cgi?id=1909535","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909535"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11692"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4grd-ngdg-aqft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/776?format=json","vulnerability_id":"VCID-5dd5-q773-jkbj","summary":"When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0239","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09206","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09187","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0239"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336170","reference_id":"2336170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336170"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929156","reference_id":"show_bug.cgi?id=1929156","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929156"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2025-0239"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dd5-q773-jkbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/775?format=json","vulnerability_id":"VCID-5pnd-9999-mfdj","summary":"Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0238","reference_id":"","reference_type":"","scores":[{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36598","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36561","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36589","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336165","reference_id":"2336165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336165"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-03/","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915535","reference_id":"show_bug.cgi?id=1915535","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915535"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2025-0238"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5pnd-9999-mfdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79?format=json","vulnerability_id":"VCID-5tzy-vsqt-rqf2","summary":"A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11695","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3761","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37641","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37638","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328948","reference_id":"2328948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328948"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1925496","reference_id":"show_bug.cgi?id=1925496","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1925496"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11695"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tzy-vsqt-rqf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/107?format=json","vulnerability_id":"VCID-7hxe-s6yn-s7aa","summary":"In multipart/x-mixed-replace responses, Content-Disposition: attachment in the response header was not respected and did not force a download, which could allow XSS attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10461","reference_id":"","reference_type":"","scores":[{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76685","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76696","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.7669","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10461"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322425","reference_id":"2322425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322425"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914521","reference_id":"show_bug.cgi?id=1914521","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914521"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10461"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7hxe-s6yn-s7aa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75?format=json","vulnerability_id":"VCID-82rh-fczp-kfbb","summary":"The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11701.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11701.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11701","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40385","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40361","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40388","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11701"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328945","reference_id":"2328945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328945"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914797","reference_id":"show_bug.cgi?id=1914797","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914797"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11701"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-82rh-fczp-kfbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73?format=json","vulnerability_id":"VCID-abf1-a6jn-6bfv","summary":"Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11700.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11700","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50386","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50375","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50394","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11700"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328938","reference_id":"2328938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328938"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1836921","reference_id":"show_bug.cgi?id=1836921","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1836921"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11700"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-abf1-a6jn-6bfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/774?format=json","vulnerability_id":"VCID-cz8m-883z-xqg8","summary":"The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0237","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36949","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3692","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36955","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336182","reference_id":"2336182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336182"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915257","reference_id":"show_bug.cgi?id=1915257","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915257"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2025-0237"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cz8m-883z-xqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/104?format=json","vulnerability_id":"VCID-fqnp-zeze-yfcj","summary":"A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10458","reference_id":"","reference_type":"","scores":[{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64251","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64262","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64254","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322428","reference_id":"2322428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322428"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921733","reference_id":"show_bug.cgi?id=1921733","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921733"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10458"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqnp-zeze-yfcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84?format=json","vulnerability_id":"VCID-ge76-ck6b-tyc2","summary":"NSC_DeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows phKey to be NULL for certain mechanisms.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11705.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11705","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49288","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49281","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49299","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11705"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328955","reference_id":"2328955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328955"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921768","reference_id":"show_bug.cgi?id=1921768","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921768"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11705"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ge76-ck6b-tyc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111?format=json","vulnerability_id":"VCID-ks9t-n26j-cqg2","summary":"Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10464","reference_id":"","reference_type":"","scores":[{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67307","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67319","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67312","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322424","reference_id":"2322424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322424"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1913000","reference_id":"show_bug.cgi?id=1913000","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1913000"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10464"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ks9t-n26j-cqg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86?format=json","vulnerability_id":"VCID-ktem-v4wf-bfca","summary":"Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11708.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11708.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11708","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39253","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.3928","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11708"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328939","reference_id":"2328939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328939"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1922912","reference_id":"show_bug.cgi?id=1922912","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1922912"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11708"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ktem-v4wf-bfca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/779?format=json","vulnerability_id":"VCID-nca6-dfj3-1fa6","summary":"Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0242","reference_id":"","reference_type":"","scores":[{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85416","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.8541","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85411","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336181","reference_id":"2336181","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336181"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169","reference_id":"buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-03/","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2025-0242"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nca6-dfj3-1fa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/780?format=json","vulnerability_id":"VCID-nmb9-5mgu-dqhe","summary":"Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0243","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12568","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12535","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12571","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0243"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336175","reference_id":"2336175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336175"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783","reference_id":"buglist.cgi?bug_id=1827142%2C1932783","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2025-0243"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmb9-5mgu-dqhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/105?format=json","vulnerability_id":"VCID-p88y-3xt6-afan","summary":"An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10459","reference_id":"","reference_type":"","scores":[{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72651","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72669","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72662","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322429","reference_id":"2322429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322429"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1919087","reference_id":"show_bug.cgi?id=1919087","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1919087"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10459"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p88y-3xt6-afan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/114?format=json","vulnerability_id":"VCID-qz54-4jzp-4yam","summary":"Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10467","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67712","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67721","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67715","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322433","reference_id":"2322433","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322433"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706","reference_id":"buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10467"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qz54-4jzp-4yam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81?format=json","vulnerability_id":"VCID-r67t-hasn-nqda","summary":"When handling keypress events, an attacker may have been able to trick a user into bypassing the \"Open Executable File?\" confirmation dialog. This could have led to malicious code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11697","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25628","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25685","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25676","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328950","reference_id":"2328950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328950"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842187","reference_id":"show_bug.cgi?id=1842187","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842187"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11697"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r67t-hasn-nqda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108?format=json","vulnerability_id":"VCID-t2ta-b79e-gbe8","summary":"Truncation of a long URL could have allowed origin spoofing in a permission prompt.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10462","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66423","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66439","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66431","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10462"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322440","reference_id":"2322440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322440"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920423","reference_id":"show_bug.cgi?id=1920423","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920423"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10462"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2ta-b79e-gbe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110?format=json","vulnerability_id":"VCID-u9ew-bxs7-jqcn","summary":"Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10468.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10468.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10468","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50771","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50752","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50766","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10468"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322443","reference_id":"2322443","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322443"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914982","reference_id":"show_bug.cgi?id=1914982","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914982"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10468"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9ew-bxs7-jqcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82?format=json","vulnerability_id":"VCID-un91-2e6u-nkdy","summary":"A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11704","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50802","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50823","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50818","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328942","reference_id":"2328942","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328942"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899402","reference_id":"show_bug.cgi?id=1899402","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899402"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11704"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-un91-2e6u-nkdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113?format=json","vulnerability_id":"VCID-vrkn-6p96-ykft","summary":"By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10466","reference_id":"","reference_type":"","scores":[{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71754","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71778","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71772","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322438","reference_id":"2322438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322438"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924154","reference_id":"show_bug.cgi?id=1924154","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924154"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10466"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrkn-6p96-ykft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106?format=json","vulnerability_id":"VCID-w1uv-az6r-qqcu","summary":"The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10460","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62251","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62262","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62255","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10460"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322444","reference_id":"2322444","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322444"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912537","reference_id":"show_bug.cgi?id=1912537","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912537"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10460"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w1uv-az6r-qqcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80?format=json","vulnerability_id":"VCID-wzux-r3fv-fyg9","summary":"The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed.  Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11696","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17811","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1785","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17846","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328943","reference_id":"2328943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328943"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929600","reference_id":"show_bug.cgi?id=1929600","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929600"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11696"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzux-r3fv-fyg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/777?format=json","vulnerability_id":"VCID-xney-87gm-53g3","summary":"Parsing a JavaScript module as JSON could under some circumstances cause cross-compartment access, which may result in a use-after-free.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0240","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15307","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15359","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15349","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0240"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336188","reference_id":"2336188","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336188"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929623","reference_id":"show_bug.cgi?id=1929623","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929623"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2025-0240"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xney-87gm-53g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112?format=json","vulnerability_id":"VCID-y4xw-cu5j-nbfc","summary":"A clipboard \"paste\" button could persist across tabs which allowed a spoofing attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10465","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66423","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66439","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66431","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322434","reference_id":"2322434","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322434"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918853","reference_id":"show_bug.cgi?id=1918853","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918853"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-10465"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4xw-cu5j-nbfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87?format=json","vulnerability_id":"VCID-zgwh-84ue-1kdw","summary":"Memory safety bugs present in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11699","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30549","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30613","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.3058","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328947","reference_id":"2328947","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328947"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911","reference_id":"buglist.cgi?bug_id=1880582%2C1929911","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18479","reference_id":"RHSA-2026:18479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18479"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191998?format=json","purl":"pkg:ebuild/www-client/firefox@128.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/191999?format=json","purl":"pkg:ebuild/www-client/firefox@134.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@134.0"}],"aliases":["CVE-2024-11699"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgwh-84ue-1kdw"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.6.0"}