Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/582401?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "type": "deb", "namespace": "debian", "name": "firefox", "version": "125.0.1-1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "126.0-1", "latest_non_vulnerable_version": "150.0.3-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50618?format=api", "vulnerability_id": "VCID-35af-887a-cbcg", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15802", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15678", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15619", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1549", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15611", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15694", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15729", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15759", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15826", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15714", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15742", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15707", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15642", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15575", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15585", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15635", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15681", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3860" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T19:52:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881417", "reference_id": "show_bug.cgi?id=1881417", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T19:52:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881417" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3860" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35af-887a-cbcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50616?format=api", "vulnerability_id": "VCID-3ekg-4fq3-4bdc", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3856", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57121", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57031", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57049", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.5703", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57099", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64572", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64626", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64549", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64578", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64533", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64486", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.698", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.69807", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.69829", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.69815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.69842", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71656", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71629", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71638", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3856" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T20:40:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885829", "reference_id": "show_bug.cgi?id=1885829", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T20:40:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885829" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3856" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ekg-4fq3-4bdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47591?format=api", "vulnerability_id": "VCID-3pvs-3ppc-r7a5", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31714", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31332", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31415", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31543", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33383", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.3338", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33303", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33465", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33334", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33358", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33319", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33342", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35015", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34906", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34978", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35014", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34919", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34946", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275550", "reference_id": "2275550", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275550" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1886683", "reference_id": "show_bug.cgi?id=1886683", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T13:57:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1886683" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3857" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3pvs-3ppc-r7a5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62622?format=api", "vulnerability_id": "VCID-4nqf-nxkj-x3g4", "summary": "GetBoundName could return the wrong version of an object when JIT optimizations were applied.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3852.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3852.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77626", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77578", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.7756", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77573", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.7755", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77522", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77515", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77501", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.7746", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77494", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.7829", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78259", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78272", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78298", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78303", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78329", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78312", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78305", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78334", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78333", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275547", "reference_id": "2275547", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275547" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883542", "reference_id": "show_bug.cgi?id=1883542", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-07T15:33:24Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883542" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3852" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqf-nxkj-x3g4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50617?format=api", "vulnerability_id": "VCID-4q92-3x61-ukep", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3858", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53619", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53591", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67622", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67603", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67612", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67588", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67601", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67624", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.6761", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67635", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67632", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.7282", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72722", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72752", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72776", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.7274", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72765", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3858" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-17T18:23:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888892", "reference_id": "show_bug.cgi?id=1888892", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-17T18:23:22Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888892" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3858" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4q92-3x61-ukep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50619?format=api", "vulnerability_id": "VCID-5j1d-9624-y3e2", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33439", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33428", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33316", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33383", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33423", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33336", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33361", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34026", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34057", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33912", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33954", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33986", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33942", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33918", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33955", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.3394", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33908", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33534", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33513", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3862" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T18:20:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884457", "reference_id": "show_bug.cgi?id=1884457", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T18:20:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884457" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3862" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5j1d-9624-y3e2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47593?format=api", "vulnerability_id": "VCID-8sba-dejt-vqfp", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30396", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30329", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30306", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30381", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30373", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30301", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30442", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30525", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30807", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30641", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32547", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32512", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3237", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32418", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32446", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32449", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32411", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32384", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3242", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32397", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275553", "reference_id": "2275553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275553" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883158", "reference_id": "show_bug.cgi?id=1883158", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:42:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1883158" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3861" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sba-dejt-vqfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47594?format=api", "vulnerability_id": "VCID-abt2-6a7f-pfba", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3864.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.7698", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.7693", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.76914", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.76926", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.76909", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.76879", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.76889", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.76877", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.76838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00983", "scoring_system": "epss", "scoring_elements": "0.7687", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77676", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77649", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77658", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77686", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77692", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77718", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77702", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.777", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01067", "scoring_system": "epss", "scoring_elements": "0.77737", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275555", "reference_id": "2275555", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275555" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888333", "reference_id": "show_bug.cgi?id=1888333", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T16:57:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888333" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3864" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-abt2-6a7f-pfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50615?format=api", "vulnerability_id": "VCID-ecs2-1xkw-wkga", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3855", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37175", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37582", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37346", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37326", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37236", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37119", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37186", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37205", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37125", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37097", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37652", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37665", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37679", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37645", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37617", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37664", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37646", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43974", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43996", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3855" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:34:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885828", "reference_id": "show_bug.cgi?id=1885828", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:34:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885828" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3855" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecs2-1xkw-wkga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47589?format=api", "vulnerability_id": "VCID-h5ub-djvf-nffv", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3302.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26469", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26843", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26695", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26746", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2675", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26706", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26649", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26657", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26629", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26592", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26533", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26526", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26454", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26322", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26391", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26446", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26373", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2639", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26803", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273383", "reference_id": "2273383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273383" }, { "reference_url": "https://kb.cert.org/vuls/id/421644", "reference_id": "421644", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://kb.cert.org/vuls/id/421644" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881183", "reference_id": "show_bug.cgi?id=1881183", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:53:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1881183" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3302" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5ub-djvf-nffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47590?format=api", "vulnerability_id": "VCID-ku26-71r1-vfem", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3854.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76274", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76225", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.7621", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76223", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76201", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76171", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76162", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.7615", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.76101", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00928", "scoring_system": "epss", "scoring_elements": "0.7614", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77033", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77014", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77046", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77056", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77065", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.7706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.771", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77102", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275549", "reference_id": "2275549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275549" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884552", "reference_id": "show_bug.cgi?id=1884552", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:00:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884552" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3854" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ku26-71r1-vfem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47592?format=api", "vulnerability_id": "VCID-mfs8-2vzs-pybf", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3859.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01586", "scoring_system": "epss", "scoring_elements": "0.81674", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01586", "scoring_system": "epss", "scoring_elements": "0.8165", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01586", "scoring_system": "epss", "scoring_elements": "0.81688", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01586", "scoring_system": "epss", "scoring_elements": "0.81683", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82381", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82354", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.8234", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82358", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82433", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82404", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0172", "scoring_system": "epss", "scoring_elements": "0.82407", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84367", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84277", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84303", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84319", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84318", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84335", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3864" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275552", "reference_id": "2275552", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275552" }, { "reference_url": "https://security.gentoo.org/glsa/202405-32", "reference_id": "GLSA-202405-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-32" }, { "reference_url": "https://security.gentoo.org/glsa/202407-19", "reference_id": "GLSA-202407-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-19" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1904", "reference_id": "RHSA-2024:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1905", "reference_id": "RHSA-2024:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1906", "reference_id": "RHSA-2024:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1907", "reference_id": "RHSA-2024:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1908", "reference_id": "RHSA-2024:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1909", "reference_id": "RHSA-2024:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1910", "reference_id": "RHSA-2024:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1911", "reference_id": "RHSA-2024:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1912", "reference_id": "RHSA-2024:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1934", "reference_id": "RHSA-2024:1934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1935", "reference_id": "RHSA-2024:1935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1936", "reference_id": "RHSA-2024:1936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1937", "reference_id": "RHSA-2024:1937", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1937" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1938", "reference_id": "RHSA-2024:1938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1939", "reference_id": "RHSA-2024:1939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1940", "reference_id": "RHSA-2024:1940", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1940" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1941", "reference_id": "RHSA-2024:1941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1982", "reference_id": "RHSA-2024:1982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1982" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874489", "reference_id": "show_bug.cgi?id=1874489", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T23:44:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874489" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" }, { "reference_url": "https://usn.ubuntu.com/6750-1/", "reference_id": "USN-6750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3859" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfs8-2vzs-pybf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50620?format=api", "vulnerability_id": "VCID-rpnz-nsfq-97am", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51192", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51209", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51171", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51112", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51163", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51205", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51162", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51187", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51213", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.5117", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51225", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51222", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51266", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51244", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.5123", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51269", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51253", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51202", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1881076%2C1884887%2C1885359%2C1889049", "reference_id": "buglist.cgi?bug_id=1881076%2C1884887%2C1885359%2C1889049", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:48:47Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1881076%2C1884887%2C1885359%2C1889049" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:48:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3865" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rpnz-nsfq-97am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50614?format=api", "vulnerability_id": "VCID-s1mx-dkf3-p7f7", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25717", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25681", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25568", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25634", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25693", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25622", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25639", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25988", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2603", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25801", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25872", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25923", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25933", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25891", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25837", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2584", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25821", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25792", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25736", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25729", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202408-02", "reference_id": "GLSA-202408-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:40:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884427", "reference_id": "show_bug.cgi?id=1884427", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:40:35Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1884427" }, { "reference_url": "https://usn.ubuntu.com/6747-1/", "reference_id": "USN-6747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6747-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582401?format=api", "purl": "pkg:deb/debian/firefox@125.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api", "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-3853" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s1mx-dkf3-p7f7" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@125.0.1-1%3Fdistro=sid" }