Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:ebuild/mail-client/thunderbird@115.10.0

Type ebuild

Namespace mail-client

Name thunderbird

Version 115.10.0

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 115.11.0

Latest_non_vulnerable_version 128.9.0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2a4c-pjqa-63bv

vulnerability_id VCID-2a4c-pjqa-63bv

summary A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1550

reference_id

reference_type

scores

value	0.00202
scoring_system	epss
scoring_elements	0.42246
published_at	2026-06-06T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42235
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265353
reference_id	2265353
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265353

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1860065

reference_id

show_bug.cgi?id=1860065

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:17:48Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1860065

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1550

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2a4c-pjqa-63bv

url VCID-2n6g-4hcr-r7ak

vulnerability_id VCID-2n6g-4hcr-r7ak

summary Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3864

reference_id

reference_type

scores

value	0.00983
scoring_system	epss
scoring_elements	0.77195
published_at	2026-06-06T12:55:00Z

value	0.00983
scoring_system	epss
scoring_elements	0.77184
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275555
reference_id	2275555
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275555

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1888333

reference_id

show_bug.cgi?id=1888333

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1888333

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

url	pkg:ebuild/mail-client/thunderbird@115.11.0
purl	pkg:ebuild/mail-client/thunderbird@115.11.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0

aliases CVE-2024-3864

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2n6g-4hcr-r7ak

url VCID-2zr5-zz2g-r7fj

vulnerability_id VCID-2zr5-zz2g-r7fj

summary The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1936.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1936.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1936

reference_id

reference_type

scores

value	0.00357
scoring_system	epss
scoring_elements	0.58255
published_at	2026-06-05T12:55:00Z

value	0.00357
scoring_system	epss
scoring_elements	0.58263
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1936

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5388

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1936

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2607

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2610

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2611

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2612

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2614

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2616

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268171
reference_id	2268171
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268171

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-11

reference_id

mfsa2024-11

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-11

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-11/

reference_id

mfsa2024-11

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-11/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1492
reference_id	RHSA-2024:1492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1492

reference_url	https://access.redhat.com/errata/RHSA-2024:1493
reference_id	RHSA-2024:1493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1493

reference_url	https://access.redhat.com/errata/RHSA-2024:1494
reference_id	RHSA-2024:1494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1494

reference_url	https://access.redhat.com/errata/RHSA-2024:1495
reference_id	RHSA-2024:1495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1495

reference_url	https://access.redhat.com/errata/RHSA-2024:1496
reference_id	RHSA-2024:1496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1496

reference_url	https://access.redhat.com/errata/RHSA-2024:1497
reference_id	RHSA-2024:1497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1497

reference_url	https://access.redhat.com/errata/RHSA-2024:1498
reference_id	RHSA-2024:1498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1498

reference_url	https://access.redhat.com/errata/RHSA-2024:1499
reference_id	RHSA-2024:1499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1499

reference_url	https://access.redhat.com/errata/RHSA-2024:1500
reference_id	RHSA-2024:1500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1860977

reference_id

show_bug.cgi?id=1860977

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T19:16:17Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1860977

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1936

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zr5-zz2g-r7fj

url VCID-3hnn-u3at-bqb8

vulnerability_id VCID-3hnn-u3at-bqb8

summary A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1548

reference_id

reference_type

scores

value	0.00379
scoring_system	epss
scoring_elements	0.59745
published_at	2026-06-05T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59749
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265351
reference_id	2265351
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265351

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1832627

reference_id

show_bug.cgi?id=1832627

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:33:11Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1832627

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1548

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3hnn-u3at-bqb8

url VCID-4c7a-zcr6-1yfr

vulnerability_id VCID-4c7a-zcr6-1yfr

summary There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3302

reference_id

reference_type

scores

value	0.00097
scoring_system	epss
scoring_elements	0.26692
published_at	2026-06-06T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26701
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2273383
reference_id	2273383
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2273383

reference_url

https://kb.cert.org/vuls/id/421644

reference_id

421644

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://kb.cert.org/vuls/id/421644

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1881183

reference_id

show_bug.cgi?id=1881183

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1881183

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

url	pkg:ebuild/mail-client/thunderbird@115.11.0
purl	pkg:ebuild/mail-client/thunderbird@115.11.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0

aliases CVE-2024-3302

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4c7a-zcr6-1yfr

url VCID-4qhn-ntkb-8bh5

vulnerability_id VCID-4qhn-ntkb-8bh5

summary Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1551

reference_id

reference_type

scores

value	0.00291
scoring_system	epss
scoring_elements	0.5279
published_at	2026-06-06T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52784
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265354
reference_id	2265354
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265354

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1864385

reference_id

show_bug.cgi?id=1864385

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T19:24:43Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1864385

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1551

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qhn-ntkb-8bh5

url VCID-agth-xz5k-duek

vulnerability_id VCID-agth-xz5k-duek

summary On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3859

reference_id

reference_type

scores

value	0.02136
scoring_system	epss
scoring_elements	0.84538
published_at	2026-06-06T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84534
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275552
reference_id	2275552
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275552

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1874489

reference_id

show_bug.cgi?id=1874489

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1874489

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

url	pkg:ebuild/mail-client/thunderbird@115.11.0
purl	pkg:ebuild/mail-client/thunderbird@115.11.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0

aliases CVE-2024-3859

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-agth-xz5k-duek

url VCID-bbr4-fhcs-63gz

vulnerability_id VCID-bbr4-fhcs-63gz

summary If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1549

reference_id

reference_type

scores

value	0.00339
scoring_system	epss
scoring_elements	0.5694
published_at	2026-06-05T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56947
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265352
reference_id	2265352
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265352

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1833814

reference_id

show_bug.cgi?id=1833814

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T15:25:48Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1833814

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1549

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbr4-fhcs-63gz

url VCID-gjmt-u518-ukd9

vulnerability_id VCID-gjmt-u518-ukd9

summary The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3857

reference_id

reference_type

scores

value	0.00149
scoring_system	epss
scoring_elements	0.35202
published_at	2026-06-06T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35187
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275550
reference_id	2275550
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275550

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1886683

reference_id

show_bug.cgi?id=1886683

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1886683

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

url	pkg:ebuild/mail-client/thunderbird@115.11.0
purl	pkg:ebuild/mail-client/thunderbird@115.11.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0

aliases CVE-2024-3857

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjmt-u518-ukd9

url VCID-r461-99bu-nuet

vulnerability_id VCID-r461-99bu-nuet

summary Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1553

reference_id

reference_type

scores

value	0.00435
scoring_system	epss
scoring_elements	0.63296
published_at	2026-06-05T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.63303
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1553

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265356
reference_id	2265356
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265356

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286

reference_id

buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-20T19:43:56Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1553

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r461-99bu-nuet

url VCID-rzk7-8m93-9bej

vulnerability_id VCID-rzk7-8m93-9bej

summary In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3854

reference_id

reference_type

scores

value	0.00928
scoring_system	epss
scoring_elements	0.76497
published_at	2026-06-06T12:55:00Z

value	0.00928
scoring_system	epss
scoring_elements	0.7649
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275549
reference_id	2275549
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275549

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1884552

reference_id

show_bug.cgi?id=1884552

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1884552

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

url	pkg:ebuild/mail-client/thunderbird@115.11.0
purl	pkg:ebuild/mail-client/thunderbird@115.11.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0

aliases CVE-2024-3854

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rzk7-8m93-9bej

url VCID-s7f5-djtj-yub2

vulnerability_id VCID-s7f5-djtj-yub2

summary When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1546

reference_id

reference_type

scores

value	0.00499
scoring_system	epss
scoring_elements	0.66313
published_at	2026-06-05T12:55:00Z

value	0.00499
scoring_system	epss
scoring_elements	0.66321
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265349
reference_id	2265349
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265349

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843752

reference_id

show_bug.cgi?id=1843752

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:13:55Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843752

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1546

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s7f5-djtj-yub2

url VCID-snpf-u5z1-nkdy

vulnerability_id VCID-snpf-u5z1-nkdy

summary If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3861

reference_id

reference_type

scores

value	0.00119
scoring_system	epss
scoring_elements	0.30427
published_at	2026-06-06T12:55:00Z

value	0.00119
scoring_system	epss
scoring_elements	0.3046
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275553
reference_id	2275553
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275553

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_id

mfsa2024-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-18

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_id

mfsa2024-18

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-18/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1883158

reference_id

show_bug.cgi?id=1883158

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1883158

reference_url	https://usn.ubuntu.com/6747-1/
reference_id	USN-6747-1
reference_type
scores
url	https://usn.ubuntu.com/6747-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

url	pkg:ebuild/mail-client/thunderbird@115.11.0
purl	pkg:ebuild/mail-client/thunderbird@115.11.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0

aliases CVE-2024-3861

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snpf-u5z1-nkdy

url VCID-uudn-1wbp-27h5

vulnerability_id VCID-uudn-1wbp-27h5

summary The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2609.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2609.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-2609

reference_id

reference_type

scores

value	0.01026
scoring_system	epss
scoring_elements	0.7766
published_at	2026-06-06T12:55:00Z

value	0.01026
scoring_system	epss
scoring_elements	0.77653
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2275551
reference_id	2275551
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2275551

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url	https://security.gentoo.org/glsa/202407-19
reference_id	GLSA-202407-19
reference_type
scores
url	https://security.gentoo.org/glsa/202407-19

reference_url	https://security.gentoo.org/glsa/202408-02
reference_id	GLSA-202408-02
reference_type
scores
url	https://security.gentoo.org/glsa/202408-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-12

reference_id

mfsa2024-12

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-12

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-12/

reference_id

mfsa2024-12

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-12/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_id

mfsa2024-19

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-19

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_id

mfsa2024-19

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-19/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_id

mfsa2024-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_id

mfsa2024-20

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-20/

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1904
reference_id	RHSA-2024:1904
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1904

reference_url	https://access.redhat.com/errata/RHSA-2024:1905
reference_id	RHSA-2024:1905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1905

reference_url	https://access.redhat.com/errata/RHSA-2024:1906
reference_id	RHSA-2024:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1906

reference_url	https://access.redhat.com/errata/RHSA-2024:1907
reference_id	RHSA-2024:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1907

reference_url	https://access.redhat.com/errata/RHSA-2024:1908
reference_id	RHSA-2024:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1908

reference_url	https://access.redhat.com/errata/RHSA-2024:1909
reference_id	RHSA-2024:1909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1909

reference_url	https://access.redhat.com/errata/RHSA-2024:1910
reference_id	RHSA-2024:1910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1910

reference_url	https://access.redhat.com/errata/RHSA-2024:1911
reference_id	RHSA-2024:1911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1911

reference_url	https://access.redhat.com/errata/RHSA-2024:1912
reference_id	RHSA-2024:1912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1912

reference_url	https://access.redhat.com/errata/RHSA-2024:1934
reference_id	RHSA-2024:1934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1934

reference_url	https://access.redhat.com/errata/RHSA-2024:1935
reference_id	RHSA-2024:1935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1935

reference_url	https://access.redhat.com/errata/RHSA-2024:1936
reference_id	RHSA-2024:1936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1936

reference_url	https://access.redhat.com/errata/RHSA-2024:1937
reference_id	RHSA-2024:1937
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1937

reference_url	https://access.redhat.com/errata/RHSA-2024:1938
reference_id	RHSA-2024:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1938

reference_url	https://access.redhat.com/errata/RHSA-2024:1939
reference_id	RHSA-2024:1939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1939

reference_url	https://access.redhat.com/errata/RHSA-2024:1940
reference_id	RHSA-2024:1940
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1940

reference_url	https://access.redhat.com/errata/RHSA-2024:1941
reference_id	RHSA-2024:1941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1941

reference_url	https://access.redhat.com/errata/RHSA-2024:1982
reference_id	RHSA-2024:1982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1982

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1866100

reference_id

show_bug.cgi?id=1866100

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-20T15:04:02Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1866100

reference_url	https://usn.ubuntu.com/6703-1/
reference_id	USN-6703-1
reference_type
scores
url	https://usn.ubuntu.com/6703-1/

reference_url	https://usn.ubuntu.com/6750-1/
reference_id	USN-6750-1
reference_type
scores
url	https://usn.ubuntu.com/6750-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

url	pkg:ebuild/mail-client/thunderbird@115.11.0
purl	pkg:ebuild/mail-client/thunderbird@115.11.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.11.0

aliases CVE-2024-2609

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uudn-1wbp-27h5

url VCID-vkdm-dx92-zbbx

vulnerability_id VCID-vkdm-dx92-zbbx

summary Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1547

reference_id

reference_type

scores

value	0.0073
scoring_system	epss
scoring_elements	0.73085
published_at	2026-06-05T12:55:00Z

value	0.0073
scoring_system	epss
scoring_elements	0.73091
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265350
reference_id	2265350
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265350

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1877879

reference_id

show_bug.cgi?id=1877879

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-28T17:28:49Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1877879

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1547

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkdm-dx92-zbbx

url VCID-y94b-bdrg-fbh2

vulnerability_id VCID-y94b-bdrg-fbh2

summary Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1552

reference_id

reference_type

scores

value	0.00283
scoring_system	epss
scoring_elements	0.51984
published_at	2026-06-05T12:55:00Z

value	0.00283
scoring_system	epss
scoring_elements	0.51993
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1550

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1552

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2265355
reference_id	2265355
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2265355

reference_url	https://security.gentoo.org/glsa/202405-15
reference_id	GLSA-202405-15
reference_type
scores
url	https://security.gentoo.org/glsa/202405-15

reference_url	https://security.gentoo.org/glsa/202405-32
reference_id	GLSA-202405-32
reference_type
scores
url	https://security.gentoo.org/glsa/202405-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_id

mfsa2024-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_id

mfsa2024-05

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_id

mfsa2024-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_id

mfsa2024-06

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_id

mfsa2024-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_id

mfsa2024-07

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-07/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0952
reference_id	RHSA-2024:0952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0952

reference_url	https://access.redhat.com/errata/RHSA-2024:0955
reference_id	RHSA-2024:0955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0955

reference_url	https://access.redhat.com/errata/RHSA-2024:0957
reference_id	RHSA-2024:0957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0957

reference_url	https://access.redhat.com/errata/RHSA-2024:0958
reference_id	RHSA-2024:0958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0958

reference_url	https://access.redhat.com/errata/RHSA-2024:0959
reference_id	RHSA-2024:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0959

reference_url	https://access.redhat.com/errata/RHSA-2024:0960
reference_id	RHSA-2024:0960
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0960

reference_url	https://access.redhat.com/errata/RHSA-2024:0961
reference_id	RHSA-2024:0961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0961

reference_url	https://access.redhat.com/errata/RHSA-2024:0962
reference_id	RHSA-2024:0962
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0962

reference_url	https://access.redhat.com/errata/RHSA-2024:0963
reference_id	RHSA-2024:0963
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0963

reference_url	https://access.redhat.com/errata/RHSA-2024:0964
reference_id	RHSA-2024:0964
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0964

reference_url	https://access.redhat.com/errata/RHSA-2024:0968
reference_id	RHSA-2024:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0968

reference_url	https://access.redhat.com/errata/RHSA-2024:0969
reference_id	RHSA-2024:0969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0969

reference_url	https://access.redhat.com/errata/RHSA-2024:0970
reference_id	RHSA-2024:0970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0970

reference_url	https://access.redhat.com/errata/RHSA-2024:0971
reference_id	RHSA-2024:0971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0971

reference_url	https://access.redhat.com/errata/RHSA-2024:0972
reference_id	RHSA-2024:0972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0972

reference_url	https://access.redhat.com/errata/RHSA-2024:0976
reference_id	RHSA-2024:0976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0976

reference_url	https://access.redhat.com/errata/RHSA-2024:0983
reference_id	RHSA-2024:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0983

reference_url	https://access.redhat.com/errata/RHSA-2024:0984
reference_id	RHSA-2024:0984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0984

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1874502

reference_id

show_bug.cgi?id=1874502

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:50:58Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1874502

reference_url	https://usn.ubuntu.com/6649-1/
reference_id	USN-6649-1
reference_type
scores
url	https://usn.ubuntu.com/6649-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird@115.10.0
purl	pkg:ebuild/mail-client/thunderbird@115.10.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

aliases CVE-2024-1552

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y94b-bdrg-fbh2

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@115.10.0

Package Instance