{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","type":"ebuild","namespace":"mail-client","name":"thunderbird","version":"128.4.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"128.9.0","latest_non_vulnerable_version":"128.9.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36153?format=json","vulnerability_id":"VCID-19vv-zhum-43hp","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10468.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10468.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10468","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50462","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50586","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50563","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50509","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50517","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50472","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50394","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50447","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50477","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50431","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50503","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5053","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50484","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50538","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50535","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50577","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50553","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50539","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50581","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10468"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322443","reference_id":"2322443","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322443"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914982","reference_id":"show_bug.cgi?id=1914982","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914982"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10468"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19vv-zhum-43hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36136?format=json","vulnerability_id":"VCID-1z5d-4wfm-8yfk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9396.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9396","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39146","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39583","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39593","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39555","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39539","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39589","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39559","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39475","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.3928","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39264","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39056","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39124","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39141","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39051","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39073","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39574","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39597","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39567","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9396"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315954","reference_id":"2315954","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315954"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912471","reference_id":"show_bug.cgi?id=1912471","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912471"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9396"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1z5d-4wfm-8yfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36106?format=json","vulnerability_id":"VCID-2cuh-xyst-rbgv","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7518.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7518.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7518","reference_id":"","reference_type":"","scores":[{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54941","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54883","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54859","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54897","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54899","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54879","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54854","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54849","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54794","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54836","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54893","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.5488","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54848","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54872","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54841","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54891","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54888","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.549","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7518"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303135","reference_id":"2303135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303135"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1875354","reference_id":"show_bug.cgi?id=1875354","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1875354"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7518"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cuh-xyst-rbgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36107?format=json","vulnerability_id":"VCID-2pvz-3cmq-53dk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7519.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7519","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58909","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58763","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58753","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58805","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58812","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.5883","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58793","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58825","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58829","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58806","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58786","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.588","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58785","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58752","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58796","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58855","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.5881","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58837","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303136","reference_id":"2303136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303136"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902307","reference_id":"show_bug.cgi?id=1902307","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902307"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7519"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2pvz-3cmq-53dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36122?format=json","vulnerability_id":"VCID-3ayf-d2s1-67ff","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8382.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8382.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8382","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47461","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47509","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47517","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47451","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47476","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47456","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47401","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47431","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50217","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.502","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50206","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50161","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50077","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50131","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50159","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50113","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50141","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8382"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309428","reference_id":"2309428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309428"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-41/","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-44/","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906744","reference_id":"show_bug.cgi?id=1906744","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906744"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8382"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ayf-d2s1-67ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36128?format=json","vulnerability_id":"VCID-3sjh-f264-m3g7","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8387.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8387","reference_id":"","reference_type":"","scores":[{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67751","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67773","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67771","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.6776","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.6774","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67746","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.6771","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67744","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67759","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67735","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.6772","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67668","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67669","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67688","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74159","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74096","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74118","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.7408","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74103","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309433","reference_id":"2309433","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309433"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009","reference_id":"buglist.cgi?bug_id=1857607%2C1911858%2C1914009","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8387"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3sjh-f264-m3g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36111?format=json","vulnerability_id":"VCID-4jfr-pz41-gfbz","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7523","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29804","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29847","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29701","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29766","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29778","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29707","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29727","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30329","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30143","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30203","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30238","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30241","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30198","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30151","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30166","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30147","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30103","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30032","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29917","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7523"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:41:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1908344","reference_id":"show_bug.cgi?id=1908344","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:41:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1908344"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7523"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4jfr-pz41-gfbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36130?format=json","vulnerability_id":"VCID-62zr-8w1c-bydt","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8394.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8394.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8394","reference_id":"","reference_type":"","scores":[{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58376","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58364","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58403","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58426","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58359","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58379","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58353","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58406","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58412","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58429","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58408","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58422","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58389","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60722","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60617","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60674","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60634","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60661","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60726","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60775","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8394"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310481","reference_id":"2310481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310481"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T19:38:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895737","reference_id":"show_bug.cgi?id=1895737","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T19:38:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895737"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8394"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-62zr-8w1c-bydt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36147?format=json","vulnerability_id":"VCID-6bbw-b3rx-a7hj","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10462","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66212","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66028","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66063","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66077","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66065","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66086","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66097","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66073","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66118","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66161","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66134","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66155","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.65994","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66023","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6599","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6604","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10462"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322440","reference_id":"2322440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322440"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920423","reference_id":"show_bug.cgi?id=1920423","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920423"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10462"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bbw-b3rx-a7hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36116?format=json","vulnerability_id":"VCID-957q-jagj-9kg7","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7527.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7527.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7527","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46921","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46981","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46947","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47001","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46998","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47023","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46996","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47003","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47059","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47055","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47004","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46991","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47002","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46952","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46864","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46926","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46945","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46889","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303144","reference_id":"2303144","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303144"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1871303","reference_id":"show_bug.cgi?id=1871303","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1871303"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7527"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-957q-jagj-9kg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36142?format=json","vulnerability_id":"VCID-9caj-c15z-xuf5","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9403.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9403","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27854","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.282","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28113","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28001","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27923","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27757","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2782","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27846","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27763","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27779","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2845","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28242","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28308","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28351","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28355","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28312","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28254","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28266","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28247","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9403"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315947","reference_id":"2315947","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315947"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917807","reference_id":"show_bug.cgi?id=1917807","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917807"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9403"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9caj-c15z-xuf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36145?format=json","vulnerability_id":"VCID-aemu-emvp-hkfh","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10460","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62015","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61883","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61899","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.6192","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61908","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61888","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61931","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61936","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61919","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61915","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61933","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61925","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.6187","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61918","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61979","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.6196","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61832","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61862","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61834","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10460"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322444","reference_id":"2322444","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322444"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912537","reference_id":"show_bug.cgi?id=1912537","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912537"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10460"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aemu-emvp-hkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36131?format=json","vulnerability_id":"VCID-b6ug-rdyx-4uaw","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8900.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8900","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41694","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41619","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41593","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41684","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41668","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41599","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41819","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41889","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41826","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44133","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44151","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44136","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44152","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44181","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44171","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312914","reference_id":"2312914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312914"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1872841","reference_id":"show_bug.cgi?id=1872841","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1872841"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8900"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ug-rdyx-4uaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36099?format=json","vulnerability_id":"VCID-b9aw-u5wp-6uhk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5693.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5693","reference_id":"","reference_type":"","scores":[{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.81012","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80999","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80987","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80979","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80959","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80958","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80956","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80921","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.8093","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80944","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80919","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80891","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0147","scoring_system":"epss","scoring_elements":"0.80894","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01765","scoring_system":"epss","scoring_elements":"0.82813","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01765","scoring_system":"epss","scoring_elements":"0.82739","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01765","scoring_system":"epss","scoring_elements":"0.8276","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01765","scoring_system":"epss","scoring_elements":"0.82758","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01765","scoring_system":"epss","scoring_elements":"0.82773","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5702","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5702"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291399","reference_id":"2291399","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291399"},{"reference_url":"https://security.gentoo.org/glsa/202408-02","reference_id":"GLSA-202408-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-02"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-25","reference_id":"mfsa2024-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-25"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-25/","reference_id":"mfsa2024-25","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-25/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-26","reference_id":"mfsa2024-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-26"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-26/","reference_id":"mfsa2024-26","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-26/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-28","reference_id":"mfsa2024-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-28/","reference_id":"mfsa2024-28","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-28/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3949","reference_id":"RHSA-2024:3949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3950","reference_id":"RHSA-2024:3950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3951","reference_id":"RHSA-2024:3951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3952","reference_id":"RHSA-2024:3952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3953","reference_id":"RHSA-2024:3953","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3953"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3954","reference_id":"RHSA-2024:3954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3955","reference_id":"RHSA-2024:3955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3958","reference_id":"RHSA-2024:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3972","reference_id":"RHSA-2024:3972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4001","reference_id":"RHSA-2024:4001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4002","reference_id":"RHSA-2024:4002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4003","reference_id":"RHSA-2024:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4004","reference_id":"RHSA-2024:4004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4015","reference_id":"RHSA-2024:4015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4016","reference_id":"RHSA-2024:4016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4018","reference_id":"RHSA-2024:4018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4036","reference_id":"RHSA-2024:4036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4063","reference_id":"RHSA-2024:4063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4063"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1891319","reference_id":"show_bug.cgi?id=1891319","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1891319"},{"reference_url":"https://usn.ubuntu.com/6840-1/","reference_id":"USN-6840-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6840-1/"},{"reference_url":"https://usn.ubuntu.com/6862-1/","reference_id":"USN-6862-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6862-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-5693"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9aw-u5wp-6uhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36101?format=json","vulnerability_id":"VCID-bshu-jxhj-27b8","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5700.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5700","reference_id":"","reference_type":"","scores":[{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37777","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38215","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38234","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38199","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.3822","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38201","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38136","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37962","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37939","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37844","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37733","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37801","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37815","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37727","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.377","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38265","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38288","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38156","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38207","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5702","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5702"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291401","reference_id":"2291401","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291401"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123","reference_id":"buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-11T16:16:36Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123"},{"reference_url":"https://security.gentoo.org/glsa/202408-02","reference_id":"GLSA-202408-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-02"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-25","reference_id":"mfsa2024-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-25"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-25/","reference_id":"mfsa2024-25","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-11T16:16:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-25/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-26","reference_id":"mfsa2024-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-26"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-26/","reference_id":"mfsa2024-26","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-11T16:16:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-26/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-28","reference_id":"mfsa2024-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-28/","reference_id":"mfsa2024-28","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-11T16:16:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-28/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-11T16:16:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-11T16:16:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3949","reference_id":"RHSA-2024:3949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3950","reference_id":"RHSA-2024:3950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3951","reference_id":"RHSA-2024:3951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3952","reference_id":"RHSA-2024:3952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3953","reference_id":"RHSA-2024:3953","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3953"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3954","reference_id":"RHSA-2024:3954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3955","reference_id":"RHSA-2024:3955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3958","reference_id":"RHSA-2024:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3972","reference_id":"RHSA-2024:3972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4001","reference_id":"RHSA-2024:4001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4002","reference_id":"RHSA-2024:4002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4003","reference_id":"RHSA-2024:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4004","reference_id":"RHSA-2024:4004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4015","reference_id":"RHSA-2024:4015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4016","reference_id":"RHSA-2024:4016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4018","reference_id":"RHSA-2024:4018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4036","reference_id":"RHSA-2024:4036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4063","reference_id":"RHSA-2024:4063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4063"},{"reference_url":"https://usn.ubuntu.com/6840-1/","reference_id":"USN-6840-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6840-1/"},{"reference_url":"https://usn.ubuntu.com/6862-1/","reference_id":"USN-6862-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6862-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-5700"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bshu-jxhj-27b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36139?format=json","vulnerability_id":"VCID-bsnh-1chq-z7ae","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9400.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9400.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9400","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.3335","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33844","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33876","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33874","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33832","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33846","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.338","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33436","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33418","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33336","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33228","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33294","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33335","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33246","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33272","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33917","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33949","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33802","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9400"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315953","reference_id":"2315953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315953"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915249","reference_id":"show_bug.cgi?id=1915249","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915249"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9400"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bsnh-1chq-z7ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36144?format=json","vulnerability_id":"VCID-bwk4-hqx8-97dy","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10459","reference_id":"","reference_type":"","scores":[{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.7242","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.7222","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72195","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72232","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72244","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72267","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72237","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.7228","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72289","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72276","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72321","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72331","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72327","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72318","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72346","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72373","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72335","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72362","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.722","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322429","reference_id":"2322429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322429"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1919087","reference_id":"show_bug.cgi?id=1919087","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1919087"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10459"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bwk4-hqx8-97dy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36112?format=json","vulnerability_id":"VCID-cmr4-6stm-jfe9","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7524.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7524","reference_id":"","reference_type":"","scores":[{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53118","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53049","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53086","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53093","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53075","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53042","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53051","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52961","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53012","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53054","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53019","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53045","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52996","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.5302","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52987","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53038","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53032","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53081","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53066","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303141","reference_id":"2303141","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303141"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909241","reference_id":"show_bug.cgi?id=1909241","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909241"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7524"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmr4-6stm-jfe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36132?format=json","vulnerability_id":"VCID-dmnj-pt27-3bge","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9391","reference_id":"","reference_type":"","scores":[{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58056","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57964","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57947","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58008","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57958","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57987","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57953","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57972","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57948","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58003","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58005","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58021","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57999","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57978","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58009","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58007","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57985","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9391"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315948","reference_id":"2315948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315948"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1892407","reference_id":"show_bug.cgi?id=1892407","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1892407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9391"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dmnj-pt27-3bge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36108?format=json","vulnerability_id":"VCID-drjc-gxrt-q7ha","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7520.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7520.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7520","reference_id":"","reference_type":"","scores":[{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71133","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70948","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70932","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70978","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70986","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71028","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71027","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71009","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71048","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71086","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71052","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71078","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70889","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70882","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70926","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70941","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70964","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7520"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303137","reference_id":"2303137","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303137"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1903041","reference_id":"show_bug.cgi?id=1903041","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1903041"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7520"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drjc-gxrt-q7ha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36149?format=json","vulnerability_id":"VCID-ds2y-kn7q-vuct","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10464","reference_id":"","reference_type":"","scores":[{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67093","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66941","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66961","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66947","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66916","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66949","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66963","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66945","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66968","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66978","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6695","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66993","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67033","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67005","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67029","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6688","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66906","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66879","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66927","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322424","reference_id":"2322424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322424"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1913000","reference_id":"show_bug.cgi?id=1913000","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1913000"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10464"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ds2y-kn7q-vuct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36102?format=json","vulnerability_id":"VCID-frvc-mqhd-eydh","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6601.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6601","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29295","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29745","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29747","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29703","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29651","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29669","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29602","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29521","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29407","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29343","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29198","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29258","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29272","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29195","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29215","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29784","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2983","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29646","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29708","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296636","reference_id":"2296636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296636"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4500","reference_id":"RHSA-2024:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4501","reference_id":"RHSA-2024:4501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4508","reference_id":"RHSA-2024:4508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4517","reference_id":"RHSA-2024:4517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4586","reference_id":"RHSA-2024:4586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4590","reference_id":"RHSA-2024:4590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4610","reference_id":"RHSA-2024:4610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4624","reference_id":"RHSA-2024:4624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4625","reference_id":"RHSA-2024:4625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4634","reference_id":"RHSA-2024:4634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4635","reference_id":"RHSA-2024:4635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4670","reference_id":"RHSA-2024:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4671","reference_id":"RHSA-2024:4671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4673","reference_id":"RHSA-2024:4673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4717","reference_id":"RHSA-2024:4717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4718","reference_id":"RHSA-2024:4718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4894","reference_id":"RHSA-2024:4894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4894"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1890748","reference_id":"show_bug.cgi?id=1890748","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1890748"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-6601"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frvc-mqhd-eydh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36100?format=json","vulnerability_id":"VCID-gpjz-649k-f3he","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5696.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5696","reference_id":"","reference_type":"","scores":[{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.84117","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.8393","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83953","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83947","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83967","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83969","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83995","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.84003","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.84008","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.84028","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.84051","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.84067","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.84066","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.84084","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83888","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83904","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02069","scoring_system":"epss","scoring_elements":"0.83907","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5702","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5702"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291400","reference_id":"2291400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291400"},{"reference_url":"https://security.gentoo.org/glsa/202408-02","reference_id":"GLSA-202408-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-02"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-25","reference_id":"mfsa2024-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-25"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-25/","reference_id":"mfsa2024-25","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-25/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-26","reference_id":"mfsa2024-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-26"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-26/","reference_id":"mfsa2024-26","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-26/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-28","reference_id":"mfsa2024-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-28/","reference_id":"mfsa2024-28","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-28/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:40Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:40Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3949","reference_id":"RHSA-2024:3949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3950","reference_id":"RHSA-2024:3950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3951","reference_id":"RHSA-2024:3951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3952","reference_id":"RHSA-2024:3952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3953","reference_id":"RHSA-2024:3953","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3953"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3954","reference_id":"RHSA-2024:3954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3955","reference_id":"RHSA-2024:3955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3958","reference_id":"RHSA-2024:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3972","reference_id":"RHSA-2024:3972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4001","reference_id":"RHSA-2024:4001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4002","reference_id":"RHSA-2024:4002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4003","reference_id":"RHSA-2024:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4004","reference_id":"RHSA-2024:4004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4015","reference_id":"RHSA-2024:4015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4016","reference_id":"RHSA-2024:4016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4018","reference_id":"RHSA-2024:4018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4036","reference_id":"RHSA-2024:4036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4063","reference_id":"RHSA-2024:4063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4063"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1896555","reference_id":"show_bug.cgi?id=1896555","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:40Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1896555"},{"reference_url":"https://usn.ubuntu.com/6840-1/","reference_id":"USN-6840-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6840-1/"},{"reference_url":"https://usn.ubuntu.com/6862-1/","reference_id":"USN-6862-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6862-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-5696"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gpjz-649k-f3he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36119?format=json","vulnerability_id":"VCID-gret-hn3p-5kbk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7531.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7531","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1929","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19297","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19259","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19267","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19277","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19177","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19166","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19124","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19016","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19097","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19193","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19155","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19191","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19502","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19549","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19266","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19345","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19397","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19402","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19353","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303148","reference_id":"2303148","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303148"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905691","reference_id":"show_bug.cgi?id=1905691","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905691"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7531"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gret-hn3p-5kbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36125?format=json","vulnerability_id":"VCID-hetc-sghb-1fcx","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8384.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8384","reference_id":"","reference_type":"","scores":[{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55218","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55241","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55199","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55177","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55201","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55176","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55226","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55237","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55243","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55182","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55196","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55139","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55098","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55148","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55157","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.5522","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8384"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309430","reference_id":"2309430","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309430"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-41/","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-44/","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1911288","reference_id":"show_bug.cgi?id=1911288","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1911288"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8384"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hetc-sghb-1fcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36151?format=json","vulnerability_id":"VCID-hfx8-7x82-zqfk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10466","reference_id":"","reference_type":"","scores":[{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71514","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71306","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71319","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71342","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71327","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.7131","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71356","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71362","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71341","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71395","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71403","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71406","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71393","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71429","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71464","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71459","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.7129","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71265","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322438","reference_id":"2322438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322438"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924154","reference_id":"show_bug.cgi?id=1924154","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924154"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10466"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hfx8-7x82-zqfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36134?format=json","vulnerability_id":"VCID-hu6v-g43k-9uep","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9395","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52121","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52055","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52018","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.51965","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52014","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52016","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.5204","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52013","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52039","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52005","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52056","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52108","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52091","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52074","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52114","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52118","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.521","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52048","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9395"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315958","reference_id":"2315958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315958"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906024","reference_id":"show_bug.cgi?id=1906024","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906024"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9395"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hu6v-g43k-9uep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36141?format=json","vulnerability_id":"VCID-jebk-6hja-ukfc","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9402.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9402.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9402","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.3128","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31826","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31829","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31789","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31753","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31785","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31764","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31734","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31564","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31436","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31351","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31203","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31271","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31278","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31186","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31209","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31926","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31796","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9402"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315951","reference_id":"2315951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315951"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476","reference_id":"buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9402"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jebk-6hja-ukfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36124?format=json","vulnerability_id":"VCID-jt6f-rpfx-7kbj","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8383.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8383.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8383","reference_id":"","reference_type":"","scores":[{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44823","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44946","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44997","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44991","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44942","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.4485","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44859","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44802","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44695","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44765","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44781","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44722","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44751","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44939","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.4496","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44901","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44953","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44954","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44976","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44944","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8383"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309429","reference_id":"2309429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309429"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-41/","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-41/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1908496","reference_id":"show_bug.cgi?id=1908496","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1908496"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8383"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jt6f-rpfx-7kbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36137?format=json","vulnerability_id":"VCID-k3ec-bt9r-pkhg","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9397.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9397.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9397","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44206","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44412","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44463","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.4447","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44486","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44511","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44502","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44433","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44352","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44355","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44274","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44148","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44226","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44241","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44176","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44476","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9397"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315949","reference_id":"2315949","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315949"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1916659","reference_id":"show_bug.cgi?id=1916659","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1916659"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9397"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ec-bt9r-pkhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36133?format=json","vulnerability_id":"VCID-ka9e-ps8e-ryc8","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9392","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32975","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32896","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3287","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3296","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33203","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33057","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3304","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32964","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32852","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32921","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35181","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3521","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35162","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3513","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35144","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35106","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35131","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35166","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315959","reference_id":"2315959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315959"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899154","reference_id":"show_bug.cgi?id=1899154","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899154"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905843","reference_id":"show_bug.cgi?id=1905843","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905843"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9392"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka9e-ps8e-ryc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36138?format=json","vulnerability_id":"VCID-kpun-mgtm-5uhd","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9399.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9399.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9399","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49289","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49353","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49345","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49347","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49395","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49391","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49361","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49357","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4931","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49222","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49285","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49311","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49261","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49321","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49349","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9399"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315945","reference_id":"2315945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315945"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907726","reference_id":"show_bug.cgi?id=1907726","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907726"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9399"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kpun-mgtm-5uhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36129?format=json","vulnerability_id":"VCID-mj7u-bpwq-jkhu","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8389.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8389","reference_id":"","reference_type":"","scores":[{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72641","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72552","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72543","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72573","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72597","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.7256","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72586","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72423","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.7244","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72417","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72456","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72492","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72474","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72464","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72506","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72514","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72504","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72547","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72554","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8389"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309435","reference_id":"2309435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309435"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1907230%2C1909367","reference_id":"buglist.cgi?bug_id=1907230%2C1909367","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:39:40Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1907230%2C1909367"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:39:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8389"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mj7u-bpwq-jkhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36150?format=json","vulnerability_id":"VCID-mw96-qtnz-gqdx","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10465","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66212","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66028","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66063","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66077","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66065","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66086","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66097","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66073","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66118","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66161","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66134","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66155","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.65994","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66023","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6599","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6604","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322434","reference_id":"2322434","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322434"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918853","reference_id":"show_bug.cgi?id=1918853","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918853"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10465"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mw96-qtnz-gqdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36143?format=json","vulnerability_id":"VCID-n4hu-b1t6-xkay","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10458","reference_id":"","reference_type":"","scores":[{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64045","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63993","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63967","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63841","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63884","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63953","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63936","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63938","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63926","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.6392","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.6391","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63874","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63921","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63908","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63891","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322428","reference_id":"2322428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322428"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921733","reference_id":"show_bug.cgi?id=1921733","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921733"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10458"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n4hu-b1t6-xkay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36127?format=json","vulnerability_id":"VCID-pst5-367g-h7cs","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8386.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8386","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50605","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50627","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50622","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5058","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50595","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50617","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50578","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50523","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50543","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5057","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53372","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53285","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53295","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53258","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53216","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53266","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53318","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53278","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53304","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309432","reference_id":"2309432","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309432"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907032","reference_id":"show_bug.cgi?id=1907032","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907032"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909163","reference_id":"show_bug.cgi?id=1909163","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909163"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909529","reference_id":"show_bug.cgi?id=1909529","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909529"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8386"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pst5-367g-h7cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36126?format=json","vulnerability_id":"VCID-qd97-asaa-2fey","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8385.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8385","reference_id":"","reference_type":"","scores":[{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51104","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51202","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51195","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51247","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51269","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51262","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51224","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51238","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51259","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51216","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51219","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51181","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51164","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51206","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65921","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65832","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65876","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65847","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65866","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8385"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309431","reference_id":"2309431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309431"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1911909","reference_id":"show_bug.cgi?id=1911909","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1911909"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8385"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qd97-asaa-2fey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36148?format=json","vulnerability_id":"VCID-rcg4-7hjg-v7du","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10463","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6466","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64477","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64436","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64484","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64501","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64516","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64504","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64476","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6451","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64522","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64514","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64535","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64547","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64521","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64568","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64613","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64584","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64606","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322439","reference_id":"2322439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322439"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920800","reference_id":"show_bug.cgi?id=1920800","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920800"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10463"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rcg4-7hjg-v7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36110?format=json","vulnerability_id":"VCID-s556-eg79-77gu","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7522.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7522.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7522","reference_id":"","reference_type":"","scores":[{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.4794","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47935","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47884","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47936","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47931","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47955","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47933","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47942","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47997","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47992","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47947","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.4793","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47941","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47888","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47804","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47871","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47894","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47837","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47866","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47914","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303139","reference_id":"2303139","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303139"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906727","reference_id":"show_bug.cgi?id=1906727","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906727"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7522"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s556-eg79-77gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36146?format=json","vulnerability_id":"VCID-sg2y-gfue-6qam","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10461","reference_id":"","reference_type":"","scores":[{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.7648","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76259","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76291","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76305","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76331","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76309","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76345","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.7635","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76335","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.7637","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76378","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76389","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76408","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76428","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76415","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76431","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76248","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76278","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10461"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322425","reference_id":"2322425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322425"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914521","reference_id":"show_bug.cgi?id=1914521","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914521"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10461"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sg2y-gfue-6qam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36104?format=json","vulnerability_id":"VCID-svqy-5b6h-7yfj","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6603.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6603","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57099","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57098","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.571","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57111","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5709","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57067","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57068","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57003","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57023","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57005","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56954","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57001","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57062","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57013","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57037","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57048","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57069","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57047","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296638","reference_id":"2296638","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296638"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4500","reference_id":"RHSA-2024:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4501","reference_id":"RHSA-2024:4501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4508","reference_id":"RHSA-2024:4508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4517","reference_id":"RHSA-2024:4517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4586","reference_id":"RHSA-2024:4586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4590","reference_id":"RHSA-2024:4590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4610","reference_id":"RHSA-2024:4610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4624","reference_id":"RHSA-2024:4624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4625","reference_id":"RHSA-2024:4625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4634","reference_id":"RHSA-2024:4634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4635","reference_id":"RHSA-2024:4635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4670","reference_id":"RHSA-2024:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4671","reference_id":"RHSA-2024:4671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4673","reference_id":"RHSA-2024:4673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4717","reference_id":"RHSA-2024:4717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4718","reference_id":"RHSA-2024:4718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4894","reference_id":"RHSA-2024:4894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4894"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895081","reference_id":"show_bug.cgi?id=1895081","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895081"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-6603"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svqy-5b6h-7yfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36105?format=json","vulnerability_id":"VCID-t52p-7rr7-57ax","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6604.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6604","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59612","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59503","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59486","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5952","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59526","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59509","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59481","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59502","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59488","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59498","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59557","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59514","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59542","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59439","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5949","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296639","reference_id":"2296639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296639"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266","reference_id":"buglist.cgi?bug_id=1748105%2C1837550%2C1884266","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4500","reference_id":"RHSA-2024:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4501","reference_id":"RHSA-2024:4501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4508","reference_id":"RHSA-2024:4508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4517","reference_id":"RHSA-2024:4517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4586","reference_id":"RHSA-2024:4586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4590","reference_id":"RHSA-2024:4590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4610","reference_id":"RHSA-2024:4610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4624","reference_id":"RHSA-2024:4624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4625","reference_id":"RHSA-2024:4625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4634","reference_id":"RHSA-2024:4634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4635","reference_id":"RHSA-2024:4635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4670","reference_id":"RHSA-2024:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4671","reference_id":"RHSA-2024:4671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4673","reference_id":"RHSA-2024:4673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4717","reference_id":"RHSA-2024:4717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4718","reference_id":"RHSA-2024:4718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4894","reference_id":"RHSA-2024:4894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4894"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-6604"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t52p-7rr7-57ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36109?format=json","vulnerability_id":"VCID-tegn-2y58-t3de","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7521.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7521.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7521","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49447","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49411","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49437","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49391","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49445","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49441","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49458","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49429","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49431","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49477","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49475","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49444","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49434","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.494","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49314","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49374","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49399","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49349","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49377","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303138","reference_id":"2303138","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303138"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1904644","reference_id":"show_bug.cgi?id=1904644","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1904644"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7521"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tegn-2y58-t3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36121?format=json","vulnerability_id":"VCID-ux24-3d83-23c6","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8381.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8381.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8381","reference_id":"","reference_type":"","scores":[{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93731","published_at":"2026-05-14T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93718","published_at":"2026-05-12T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93713","published_at":"2026-05-11T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93711","published_at":"2026-05-09T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93703","published_at":"2026-05-07T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93692","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93683","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93685","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93687","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93682","published_at":"2026-04-21T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93679","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93672","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93654","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93646","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93648","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12468","scoring_system":"epss","scoring_elements":"0.93882","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12468","scoring_system":"epss","scoring_elements":"0.93891","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12468","scoring_system":"epss","scoring_elements":"0.93895","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8381"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309427","reference_id":"2309427","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309427"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-41/","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-44/","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912715","reference_id":"show_bug.cgi?id=1912715","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912715"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-8381"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ux24-3d83-23c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36152?format=json","vulnerability_id":"VCID-vdpy-f9d9-pfac","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10467","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67495","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67283","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67334","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67348","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67369","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67356","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67321","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67368","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67346","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67365","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67376","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67353","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67397","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67436","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67408","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67433","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67282","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67305","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322433","reference_id":"2322433","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322433"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706","reference_id":"buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-10467"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdpy-f9d9-pfac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36103?format=json","vulnerability_id":"VCID-w794-gqex-83du","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6602.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6602","reference_id":"","reference_type":"","scores":[{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73658","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7348","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73493","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73517","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73497","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7349","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73532","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73541","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73534","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73567","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73578","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73577","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73569","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73593","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73616","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73601","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73448","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73471","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73443","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296637","reference_id":"2296637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296637"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4625","reference_id":"RHSA-2024:4625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4670","reference_id":"RHSA-2024:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4671","reference_id":"RHSA-2024:4671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4717","reference_id":"RHSA-2024:4717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4718","reference_id":"RHSA-2024:4718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4894","reference_id":"RHSA-2024:4894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4894"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032","reference_id":"show_bug.cgi?id=1895032","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-6602"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w794-gqex-83du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36115?format=json","vulnerability_id":"VCID-xevc-xbcg-1yct","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7526.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7526.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7526","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50639","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50598","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50626","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50578","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50632","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50671","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50648","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50634","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50675","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50681","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50617","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5057","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50494","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50548","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50531","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50562","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303143","reference_id":"2303143","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303143"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1910306","reference_id":"show_bug.cgi?id=1910306","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1910306"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7526"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xevc-xbcg-1yct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36114?format=json","vulnerability_id":"VCID-xyqa-esey-73e1","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7525.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7525.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7525","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33173","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33582","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33421","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33465","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33499","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33502","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33461","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33437","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33474","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33449","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33416","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33242","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33163","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33048","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33118","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33157","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33068","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33093","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33549","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303142","reference_id":"2303142","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303142"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909298","reference_id":"show_bug.cgi?id=1909298","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909298"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7525"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xyqa-esey-73e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36118?format=json","vulnerability_id":"VCID-z6kw-szww-7feq","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7529.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7529","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31351","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31988","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31808","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31861","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31889","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31853","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31818","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31849","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3183","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31802","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31633","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31421","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31271","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3134","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31348","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31256","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31279","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31947","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303146","reference_id":"2303146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303146"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1903187","reference_id":"show_bug.cgi?id=1903187","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1903187"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7529"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6kw-szww-7feq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36140?format=json","vulnerability_id":"VCID-z6yt-va55-s3ey","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9401","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37557","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37479","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37506","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37592","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37575","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37505","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37714","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3795","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37737","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40048","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40075","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40049","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40063","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40074","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40037","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40018","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40067","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40038","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315950","reference_id":"2315950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315950"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476","reference_id":"buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-9401"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6yt-va55-s3ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36117?format=json","vulnerability_id":"VCID-zveb-b3t7-7yfg","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7528.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7528.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7528","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46845","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46865","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4692","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46917","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46866","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4685","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4686","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4681","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46718","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46781","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46801","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46745","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46776","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46859","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46808","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46862","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46861","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46884","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46857","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7528"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303145","reference_id":"2303145","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303145"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895951","reference_id":"show_bug.cgi?id=1895951","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895951"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74311?format=json","purl":"pkg:ebuild/mail-client/thunderbird@128.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}],"aliases":["CVE-2024-7528"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zveb-b3t7-7yfg"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@128.4.0"}