{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","type":"ebuild","namespace":"www-client","name":"firefox","version":"131.0.2","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"134.0","latest_non_vulnerable_version":"137.0.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36136?format=json","vulnerability_id":"VCID-1z5d-4wfm-8yfk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9396.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9396","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39141","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39597","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39583","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39593","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39555","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39539","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39589","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39559","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39475","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.3928","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39264","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39056","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39124","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39574","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9396"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315954","reference_id":"2315954","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315954"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912471","reference_id":"show_bug.cgi?id=1912471","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912471"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9396"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1z5d-4wfm-8yfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57338?format=json","vulnerability_id":"VCID-253e-56sw-77b1","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6611","reference_id":"","reference_type":"","scores":[{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69333","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69184","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69223","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69232","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69211","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69271","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69278","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69257","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69299","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69133","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69154","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69136","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69205","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69227","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69212","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6611"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1844827","reference_id":"show_bug.cgi?id=1844827","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1844827"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6611"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-253e-56sw-77b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36106?format=json","vulnerability_id":"VCID-2cuh-xyst-rbgv","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7518.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7518.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7518","reference_id":"","reference_type":"","scores":[{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54893","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54888","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.549","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54883","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54859","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54897","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54899","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54879","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54854","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54849","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54794","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54836","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54848","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54872","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54841","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54891","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7518"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303135","reference_id":"2303135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303135"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1875354","reference_id":"show_bug.cgi?id=1875354","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T17:58:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1875354"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7518"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cuh-xyst-rbgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57353?format=json","vulnerability_id":"VCID-2j6k-5q8j-3fbc","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9680.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9680.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9680","reference_id":"","reference_type":"","scores":[{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96762","published_at":"2026-05-09T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96714","published_at":"2026-04-07T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96722","published_at":"2026-04-08T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96723","published_at":"2026-04-09T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96725","published_at":"2026-04-12T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96728","published_at":"2026-04-13T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96734","published_at":"2026-04-16T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96738","published_at":"2026-04-18T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96741","published_at":"2026-04-21T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.9674","published_at":"2026-04-24T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96742","published_at":"2026-04-26T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96746","published_at":"2026-04-29T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96755","published_at":"2026-05-05T12:55:00Z"},{"value":"0.30808","scoring_system":"epss","scoring_elements":"0.96758","published_at":"2026-05-07T12:55:00Z"},{"value":"0.31347","scoring_system":"epss","scoring_elements":"0.96757","published_at":"2026-04-04T12:55:00Z"},{"value":"0.31347","scoring_system":"epss","scoring_elements":"0.96755","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9680"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084989","reference_id":"1084989","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084989"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317442","reference_id":"2317442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317442"},{"reference_url":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039","reference_id":"CVE-2024-49039","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/"}],"url":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-51","reference_id":"mfsa2024-51","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-51/","reference_id":"mfsa2024-51","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-51/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-52","reference_id":"mfsa2024-52","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-52"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-52/","reference_id":"mfsa2024-52","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-52/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7958","reference_id":"RHSA-2024:7958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7977","reference_id":"RHSA-2024:7977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8024","reference_id":"RHSA-2024:8024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8025","reference_id":"RHSA-2024:8025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8026","reference_id":"RHSA-2024:8026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8027","reference_id":"RHSA-2024:8027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8028","reference_id":"RHSA-2024:8028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8029","reference_id":"RHSA-2024:8029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8030","reference_id":"RHSA-2024:8030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8031","reference_id":"RHSA-2024:8031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8032","reference_id":"RHSA-2024:8032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8033","reference_id":"RHSA-2024:8033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8034","reference_id":"RHSA-2024:8034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8131","reference_id":"RHSA-2024:8131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8167","reference_id":"RHSA-2024:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8176","reference_id":"RHSA-2024:8176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923344","reference_id":"show_bug.cgi?id=1923344","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923344"},{"reference_url":"https://usn.ubuntu.com/7065-1/","reference_id":"USN-7065-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7065-1/"},{"reference_url":"https://usn.ubuntu.com/7066-1/","reference_id":"USN-7066-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7066-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9680"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2j6k-5q8j-3fbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36107?format=json","vulnerability_id":"VCID-2pvz-3cmq-53dk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7519.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7519","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58855","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58796","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58752","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58812","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58805","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58763","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58753","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58785","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.588","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58786","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58806","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58829","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58825","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58793","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.5883","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303136","reference_id":"2303136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303136"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902307","reference_id":"show_bug.cgi?id=1902307","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:42:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902307"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7519"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2pvz-3cmq-53dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36122?format=json","vulnerability_id":"VCID-3ayf-d2s1-67ff","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8382.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8382.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8382","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47451","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47461","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47509","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47517","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47431","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47401","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47456","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47476","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50161","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50206","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.502","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50159","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50131","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50077","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8382"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309428","reference_id":"2309428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309428"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-41/","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-44/","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906744","reference_id":"show_bug.cgi?id=1906744","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T16:38:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906744"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8382"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ayf-d2s1-67ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36128?format=json","vulnerability_id":"VCID-3sjh-f264-m3g7","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8387.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8387","reference_id":"","reference_type":"","scores":[{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67751","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67773","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67771","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.6776","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.6774","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67746","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.6771","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67744","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67759","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67735","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.6772","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67668","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67669","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.67688","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74118","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00797","scoring_system":"epss","scoring_elements":"0.74096","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309433","reference_id":"2309433","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309433"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009","reference_id":"buglist.cgi?bug_id=1857607%2C1911858%2C1914009","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:41:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8387"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3sjh-f264-m3g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36111?format=json","vulnerability_id":"VCID-4jfr-pz41-gfbz","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7523","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29778","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30103","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30032","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29917","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29847","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29701","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29766","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30329","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30143","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30203","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30238","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30241","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30198","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30151","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30166","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30147","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7523"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:41:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1908344","reference_id":"show_bug.cgi?id=1908344","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:41:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1908344"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7523"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4jfr-pz41-gfbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57333?format=json","vulnerability_id":"VCID-4vg5-9865-s3b2","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6606","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.4023","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.4054","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40588","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40558","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40481","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40378","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40365","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40284","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40145","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40212","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40568","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40595","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40516","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40577","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40596","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40559","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6606"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T16:02:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T16:02:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902305","reference_id":"show_bug.cgi?id=1902305","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T16:02:06Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902305"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6606"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4vg5-9865-s3b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36130?format=json","vulnerability_id":"VCID-62zr-8w1c-bydt","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8394.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8394.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8394","reference_id":"","reference_type":"","scores":[{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58376","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58364","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58403","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58426","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58359","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58379","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58353","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58406","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58412","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58429","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58408","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58422","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58389","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60674","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60617","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60775","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60726","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8394"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310481","reference_id":"2310481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310481"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T19:38:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895737","reference_id":"show_bug.cgi?id=1895737","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T19:38:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895737"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8394"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-62zr-8w1c-bydt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57340?format=json","vulnerability_id":"VCID-6qv9-5wrf-cfee","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6613","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22704","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22868","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22861","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22822","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22659","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22652","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22647","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22542","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22625","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22966","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2301","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22802","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22876","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22947","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2291","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22853","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6613"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-22T17:43:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-22T17:43:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1900523","reference_id":"show_bug.cgi?id=1900523","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-22T17:43:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1900523"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6613"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qv9-5wrf-cfee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36116?format=json","vulnerability_id":"VCID-957q-jagj-9kg7","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7527.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7527.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7527","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46945","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46926","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46864","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46952","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47002","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46991","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47004","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47055","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47059","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46981","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46947","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47003","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46996","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47023","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46998","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47001","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303144","reference_id":"2303144","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303144"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1871303","reference_id":"show_bug.cgi?id=1871303","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:19:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1871303"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7527"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-957q-jagj-9kg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36142?format=json","vulnerability_id":"VCID-9caj-c15z-xuf5","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9403.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9403","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27846","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28254","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28266","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28247","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.282","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28113","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28001","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27923","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27757","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2782","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2845","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28242","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28308","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28351","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28355","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28312","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9403"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315947","reference_id":"2315947","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315947"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917807","reference_id":"show_bug.cgi?id=1917807","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917807"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9403"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9caj-c15z-xuf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36131?format=json","vulnerability_id":"VCID-b6ug-rdyx-4uaw","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8900.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8900","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41684","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41668","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41599","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41819","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41889","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41826","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44151","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44133","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44136","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44152","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44181","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44171","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312914","reference_id":"2312914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312914"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1872841","reference_id":"show_bug.cgi?id=1872841","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1872841"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8900"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ug-rdyx-4uaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36139?format=json","vulnerability_id":"VCID-bsnh-1chq-z7ae","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9400.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9400.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9400","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33335","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33917","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33949","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33802","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33844","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33876","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33874","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33832","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33846","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.338","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33436","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33418","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33336","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33228","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33294","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9400"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315953","reference_id":"2315953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315953"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915249","reference_id":"show_bug.cgi?id=1915249","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915249"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9400"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bsnh-1chq-z7ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57346?format=json","vulnerability_id":"VCID-bt2a-qhce-zqcc","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7530","reference_id":"","reference_type":"","scores":[{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67694","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67607","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67626","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67636","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67638","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67615","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67658","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67541","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67562","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.6754","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67592","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67614","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67616","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7530"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-08T17:53:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1904011","reference_id":"show_bug.cgi?id=1904011","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-08T17:53:38Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1904011"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7530"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bt2a-qhce-zqcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36112?format=json","vulnerability_id":"VCID-cmr4-6stm-jfe9","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7524.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7524","reference_id":"","reference_type":"","scores":[{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53054","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53032","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53081","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53066","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53049","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53086","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53093","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53075","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53042","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53051","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52961","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53012","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52996","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.5302","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52987","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53038","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303141","reference_id":"2303141","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303141"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909241","reference_id":"show_bug.cgi?id=1909241","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:09:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909241"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7524"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmr4-6stm-jfe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36132?format=json","vulnerability_id":"VCID-dmnj-pt27-3bge","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9391","reference_id":"","reference_type":"","scores":[{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58008","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58009","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58007","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57985","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57964","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57947","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57953","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57972","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57948","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58003","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58005","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58021","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57999","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57978","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9391"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315948","reference_id":"2315948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315948"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1892407","reference_id":"show_bug.cgi?id=1892407","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1892407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9391"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dmnj-pt27-3bge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36108?format=json","vulnerability_id":"VCID-drjc-gxrt-q7ha","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7520.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7520.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7520","reference_id":"","reference_type":"","scores":[{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71086","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70926","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70941","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70964","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70948","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70932","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70978","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70986","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71028","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71027","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71009","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71048","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70889","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70882","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7520"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303137","reference_id":"2303137","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303137"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1903041","reference_id":"show_bug.cgi?id=1903041","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T15:23:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1903041"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7520"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drjc-gxrt-q7ha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57341?format=json","vulnerability_id":"VCID-dzdd-y6rv-dbe2","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6614","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43534","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43725","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43786","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43777","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4371","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43647","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43652","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43569","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4344","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43515","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43742","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43767","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.437","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4375","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43753","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43773","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43741","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6614"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:13:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:13:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902983","reference_id":"show_bug.cgi?id=1902983","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:13:04Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902983"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6614"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzdd-y6rv-dbe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36102?format=json","vulnerability_id":"VCID-frvc-mqhd-eydh","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6601.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6601","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29272","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2983","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29646","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29745","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29747","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29703","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29651","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29669","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29602","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29521","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29407","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29343","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29198","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29258","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29784","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296636","reference_id":"2296636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296636"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4500","reference_id":"RHSA-2024:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4501","reference_id":"RHSA-2024:4501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4508","reference_id":"RHSA-2024:4508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4517","reference_id":"RHSA-2024:4517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4586","reference_id":"RHSA-2024:4586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4590","reference_id":"RHSA-2024:4590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4610","reference_id":"RHSA-2024:4610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4624","reference_id":"RHSA-2024:4624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4625","reference_id":"RHSA-2024:4625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4634","reference_id":"RHSA-2024:4634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4635","reference_id":"RHSA-2024:4635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4670","reference_id":"RHSA-2024:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4671","reference_id":"RHSA-2024:4671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4673","reference_id":"RHSA-2024:4673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4717","reference_id":"RHSA-2024:4717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4718","reference_id":"RHSA-2024:4718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4894","reference_id":"RHSA-2024:4894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4894"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1890748","reference_id":"show_bug.cgi?id=1890748","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:21:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1890748"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6601"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frvc-mqhd-eydh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57334?format=json","vulnerability_id":"VCID-geqm-dd33-cuc5","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6607","reference_id":"","reference_type":"","scores":[{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.7627","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76159","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76163","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76146","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76185","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76195","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76207","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76218","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76247","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.7606","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76092","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76106","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.7612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76145","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76121","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6607"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T21:34:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T21:34:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1694513","reference_id":"show_bug.cgi?id=1694513","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-15T21:34:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1694513"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6607"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-geqm-dd33-cuc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36119?format=json","vulnerability_id":"VCID-gret-hn3p-5kbk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7531.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7531","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19193","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19397","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19402","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19353","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19297","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19259","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19267","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19277","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19177","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19166","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19124","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19016","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19097","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19502","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19549","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19266","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19345","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303148","reference_id":"2303148","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303148"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905691","reference_id":"show_bug.cgi?id=1905691","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:06:38Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905691"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7531"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gret-hn3p-5kbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36125?format=json","vulnerability_id":"VCID-hetc-sghb-1fcx","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8384.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8384","reference_id":"","reference_type":"","scores":[{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55226","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55241","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55199","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55218","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55237","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55177","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55201","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55176","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55196","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55139","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55098","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55148","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55157","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.5522","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8384"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309430","reference_id":"2309430","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309430"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-41/","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-44/","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1911288","reference_id":"show_bug.cgi?id=1911288","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:49:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1911288"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8384"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hetc-sghb-1fcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36134?format=json","vulnerability_id":"VCID-hu6v-g43k-9uep","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9395","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52014","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52118","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.521","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52048","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52055","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52018","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.51965","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52013","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52039","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52005","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52056","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52108","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52091","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52074","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52114","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9395"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315958","reference_id":"2315958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315958"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906024","reference_id":"show_bug.cgi?id=1906024","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906024"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9395"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hu6v-g43k-9uep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36141?format=json","vulnerability_id":"VCID-jebk-6hja-ukfc","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9402.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9402.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9402","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31278","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31926","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31796","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31826","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31829","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31789","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31753","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31785","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31764","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31734","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31564","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31436","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31351","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31203","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31271","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31883","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9402"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315951","reference_id":"2315951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315951"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476","reference_id":"buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9402"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jebk-6hja-ukfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36124?format=json","vulnerability_id":"VCID-jt6f-rpfx-7kbj","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8383.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8383.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8383","reference_id":"","reference_type":"","scores":[{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44781","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44954","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44976","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44944","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44946","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44997","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44991","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44942","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.4485","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44859","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44802","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44695","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44765","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44939","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.4496","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44901","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44953","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8383"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309429","reference_id":"2309429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309429"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-41/","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-41/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1908496","reference_id":"show_bug.cgi?id=1908496","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:16:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1908496"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8383"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jt6f-rpfx-7kbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36137?format=json","vulnerability_id":"VCID-k3ec-bt9r-pkhg","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9397.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9397.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9397","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44241","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44476","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44412","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44463","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.4447","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44486","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44511","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44502","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44433","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44352","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44355","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44274","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44148","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44226","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9397"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315949","reference_id":"2315949","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315949"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1916659","reference_id":"show_bug.cgi?id=1916659","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1916659"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9397"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ec-bt9r-pkhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36133?format=json","vulnerability_id":"VCID-ka9e-ps8e-ryc8","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9392","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3296","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32921","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32852","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32964","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33203","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3304","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33057","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3521","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35166","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35162","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35181","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3513","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35144","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35106","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35131","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315959","reference_id":"2315959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315959"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899154","reference_id":"show_bug.cgi?id=1899154","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899154"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905843","reference_id":"show_bug.cgi?id=1905843","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905843"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9392"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka9e-ps8e-ryc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36138?format=json","vulnerability_id":"VCID-kpun-mgtm-5uhd","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9399.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9399.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9399","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49311","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49321","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49349","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49353","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49345","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49347","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49395","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49391","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49361","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49357","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4931","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49222","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49285","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9399"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315945","reference_id":"2315945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315945"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907726","reference_id":"show_bug.cgi?id=1907726","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907726"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9399"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kpun-mgtm-5uhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36129?format=json","vulnerability_id":"VCID-mj7u-bpwq-jkhu","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8389.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8389","reference_id":"","reference_type":"","scores":[{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72597","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72504","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72547","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72554","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72552","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72543","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72573","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72423","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.7244","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72417","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72456","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72492","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72474","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72464","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72506","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0072","scoring_system":"epss","scoring_elements":"0.72514","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8389"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309435","reference_id":"2309435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309435"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1907230%2C1909367","reference_id":"buglist.cgi?bug_id=1907230%2C1909367","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:39:40Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1907230%2C1909367"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:39:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8389"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mj7u-bpwq-jkhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57339?format=json","vulnerability_id":"VCID-muvd-ax39-5qf7","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6612","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.507","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50799","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50775","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50805","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50784","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50733","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50742","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50695","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50616","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50669","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50722","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50747","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50703","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50759","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50755","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6612"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:29:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:29:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1880374","reference_id":"show_bug.cgi?id=1880374","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:29:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1880374"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6612"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-muvd-ax39-5qf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57336?format=json","vulnerability_id":"VCID-paez-g9wh-mfeq","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6609","reference_id":"","reference_type":"","scores":[{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68815","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68694","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68664","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68717","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68696","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68745","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68751","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68757","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68736","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68779","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.6862","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68638","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68665","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68683","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68707","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6609"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839258","reference_id":"show_bug.cgi?id=1839258","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T19:02:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839258"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6609"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-paez-g9wh-mfeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36127?format=json","vulnerability_id":"VCID-pst5-367g-h7cs","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8386.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8386","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50605","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50627","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50622","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5058","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50595","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50617","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50578","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50523","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50543","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5057","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53318","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53285","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53295","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53258","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53216","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53266","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309432","reference_id":"2309432","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309432"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907032","reference_id":"show_bug.cgi?id=1907032","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907032"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909163","reference_id":"show_bug.cgi?id=1909163","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909163"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909529","reference_id":"show_bug.cgi?id=1909529","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:44:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909529"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8386"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pst5-367g-h7cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36126?format=json","vulnerability_id":"VCID-qd97-asaa-2fey","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8385.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8385","reference_id":"","reference_type":"","scores":[{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51104","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51202","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51195","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51247","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51269","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51262","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51224","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51238","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51259","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51216","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51219","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51181","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51164","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51206","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65876","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.65832","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8385"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309431","reference_id":"2309431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309431"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1911909","reference_id":"show_bug.cgi?id=1911909","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:46:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1911909"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8385"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qd97-asaa-2fey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57335?format=json","vulnerability_id":"VCID-qgte-aw18-wuev","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6608","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30676","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31127","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3116","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3114","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31109","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30951","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3083","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30746","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30597","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30666","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31265","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31306","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31126","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31178","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31209","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31214","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31171","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6608"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:06:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:06:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1743329","reference_id":"show_bug.cgi?id=1743329","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:06:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1743329"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6608"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgte-aw18-wuev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57342?format=json","vulnerability_id":"VCID-qw18-3u5b-e7dt","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6615","reference_id":"","reference_type":"","scores":[{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69343","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69195","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69234","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69243","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69222","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69273","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69282","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.6929","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69267","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69309","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69145","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69166","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69147","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69196","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69215","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69238","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69223","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6615"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364","reference_id":"buglist.cgi?bug_id=1892875%2C1894428%2C1898364","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:05:12Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:05:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:05:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6615"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qw18-3u5b-e7dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57337?format=json","vulnerability_id":"VCID-r27v-bxdj-7fgk","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6610","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.248","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24917","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2493","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24922","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24897","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24842","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2483","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24783","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24659","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24736","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25072","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2511","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24885","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24953","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24998","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25012","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24971","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6610"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:20:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:20:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1883396","reference_id":"show_bug.cgi?id=1883396","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T19:20:40Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1883396"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6610"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r27v-bxdj-7fgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36110?format=json","vulnerability_id":"VCID-s556-eg79-77gu","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7522.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7522.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7522","reference_id":"","reference_type":"","scores":[{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47894","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47871","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47804","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47888","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47914","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47884","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47935","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47941","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.4793","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47947","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47992","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47997","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47942","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47933","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47955","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47931","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47936","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303139","reference_id":"2303139","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303139"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906727","reference_id":"show_bug.cgi?id=1906727","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:56:53Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906727"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7522"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s556-eg79-77gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36104?format=json","vulnerability_id":"VCID-svqy-5b6h-7yfj","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6603.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6603","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57062","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57048","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57069","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57047","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57098","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.571","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57111","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5709","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57067","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57068","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57003","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57023","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57005","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56954","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57001","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296638","reference_id":"2296638","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296638"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4500","reference_id":"RHSA-2024:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4501","reference_id":"RHSA-2024:4501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4508","reference_id":"RHSA-2024:4508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4517","reference_id":"RHSA-2024:4517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4586","reference_id":"RHSA-2024:4586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4590","reference_id":"RHSA-2024:4590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4610","reference_id":"RHSA-2024:4610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4624","reference_id":"RHSA-2024:4624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4625","reference_id":"RHSA-2024:4625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4634","reference_id":"RHSA-2024:4634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4635","reference_id":"RHSA-2024:4635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4670","reference_id":"RHSA-2024:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4671","reference_id":"RHSA-2024:4671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4673","reference_id":"RHSA-2024:4673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4717","reference_id":"RHSA-2024:4717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4718","reference_id":"RHSA-2024:4718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4894","reference_id":"RHSA-2024:4894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4894"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895081","reference_id":"show_bug.cgi?id=1895081","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T15:12:02Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895081"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6603"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svqy-5b6h-7yfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36105?format=json","vulnerability_id":"VCID-t52p-7rr7-57ax","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6604.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6604","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59557","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59439","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5949","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59503","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59486","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5952","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59526","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59509","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59481","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59502","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59488","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59498","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59447","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296639","reference_id":"2296639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296639"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266","reference_id":"buglist.cgi?bug_id=1748105%2C1837550%2C1884266","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T15:20:14Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4500","reference_id":"RHSA-2024:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4501","reference_id":"RHSA-2024:4501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4508","reference_id":"RHSA-2024:4508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4517","reference_id":"RHSA-2024:4517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4586","reference_id":"RHSA-2024:4586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4590","reference_id":"RHSA-2024:4590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4610","reference_id":"RHSA-2024:4610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4624","reference_id":"RHSA-2024:4624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4625","reference_id":"RHSA-2024:4625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4634","reference_id":"RHSA-2024:4634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4635","reference_id":"RHSA-2024:4635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4670","reference_id":"RHSA-2024:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4671","reference_id":"RHSA-2024:4671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4673","reference_id":"RHSA-2024:4673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4717","reference_id":"RHSA-2024:4717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4718","reference_id":"RHSA-2024:4718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4894","reference_id":"RHSA-2024:4894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4894"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6604"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t52p-7rr7-57ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36109?format=json","vulnerability_id":"VCID-tegn-2y58-t3de","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7521.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7521.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7521","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49399","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49374","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49314","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49437","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49441","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49445","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49411","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49391","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.494","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49434","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49444","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49475","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49477","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49431","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49429","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49458","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303138","reference_id":"2303138","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303138"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1904644","reference_id":"show_bug.cgi?id=1904644","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:47:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1904644"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7521"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tegn-2y58-t3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36121?format=json","vulnerability_id":"VCID-ux24-3d83-23c6","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8381.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8381.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8381","reference_id":"","reference_type":"","scores":[{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93648","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93692","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93683","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93685","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93687","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93682","published_at":"2026-04-21T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93679","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93672","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93654","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93646","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93711","published_at":"2026-05-09T12:55:00Z"},{"value":"0.11622","scoring_system":"epss","scoring_elements":"0.93703","published_at":"2026-05-07T12:55:00Z"},{"value":"0.12468","scoring_system":"epss","scoring_elements":"0.93882","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12468","scoring_system":"epss","scoring_elements":"0.93895","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12468","scoring_system":"epss","scoring_elements":"0.93891","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8381"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309427","reference_id":"2309427","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309427"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-39"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-39/","reference_id":"mfsa2024-39","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-39/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-40"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-40/","reference_id":"mfsa2024-40","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-40/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-41/","reference_id":"mfsa2024-41","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-43/","reference_id":"mfsa2024-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-44/","reference_id":"mfsa2024-44","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-44/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6681","reference_id":"RHSA-2024:6681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6682","reference_id":"RHSA-2024:6682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6683","reference_id":"RHSA-2024:6683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6684","reference_id":"RHSA-2024:6684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6719","reference_id":"RHSA-2024:6719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6720","reference_id":"RHSA-2024:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6721","reference_id":"RHSA-2024:6721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6722","reference_id":"RHSA-2024:6722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6723","reference_id":"RHSA-2024:6723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6782","reference_id":"RHSA-2024:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6786","reference_id":"RHSA-2024:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6816","reference_id":"RHSA-2024:6816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6838","reference_id":"RHSA-2024:6838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6850","reference_id":"RHSA-2024:6850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6891","reference_id":"RHSA-2024:6891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6892","reference_id":"RHSA-2024:6892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6892"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912715","reference_id":"show_bug.cgi?id=1912715","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-03T15:55:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912715"},{"reference_url":"https://usn.ubuntu.com/6992-1/","reference_id":"USN-6992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6992-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-8381"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ux24-3d83-23c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36103?format=json","vulnerability_id":"VCID-w794-gqex-83du","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6602.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6602","reference_id":"","reference_type":"","scores":[{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73616","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73471","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73443","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7348","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73493","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73517","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73497","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7349","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73532","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73541","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73534","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73567","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73578","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73577","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73569","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73593","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73448","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296637","reference_id":"2296637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296637"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4625","reference_id":"RHSA-2024:4625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4670","reference_id":"RHSA-2024:4670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4671","reference_id":"RHSA-2024:4671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4717","reference_id":"RHSA-2024:4717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4718","reference_id":"RHSA-2024:4718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4894","reference_id":"RHSA-2024:4894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4894"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6839","reference_id":"RHSA-2024:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6839"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032","reference_id":"show_bug.cgi?id=1895032","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895032"},{"reference_url":"https://usn.ubuntu.com/6890-1/","reference_id":"USN-6890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6890-1/"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-6602"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w794-gqex-83du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36115?format=json","vulnerability_id":"VCID-xevc-xbcg-1yct","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7526.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7526.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7526","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50548","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50494","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5057","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50626","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50632","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50598","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50578","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50617","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50681","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50675","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50634","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50648","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50671","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303143","reference_id":"2303143","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303143"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1910306","reference_id":"show_bug.cgi?id=1910306","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T20:50:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1910306"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7526"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xevc-xbcg-1yct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36114?format=json","vulnerability_id":"VCID-xyqa-esey-73e1","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7525.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7525.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7525","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33157","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33118","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33048","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33163","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33549","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33421","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33582","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33242","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33416","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33449","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33474","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33437","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33461","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33502","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33499","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33465","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303142","reference_id":"2303142","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303142"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909298","reference_id":"show_bug.cgi?id=1909298","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:11:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909298"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7525"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xyqa-esey-73e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36118?format=json","vulnerability_id":"VCID-z6kw-szww-7feq","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7529.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7529","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31348","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3134","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31271","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31421","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31808","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31988","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31633","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31802","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3183","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31849","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31818","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31853","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31889","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31861","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303146","reference_id":"2303146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303146"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-34/","reference_id":"mfsa2024-34","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-38/","reference_id":"mfsa2024-38","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1903187","reference_id":"show_bug.cgi?id=1903187","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T13:32:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1903187"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"},{"reference_url":"https://usn.ubuntu.com/6995-1/","reference_id":"USN-6995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6995-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7529"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6kw-szww-7feq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36140?format=json","vulnerability_id":"VCID-z6yt-va55-s3ey","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9401","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37592","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37575","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37505","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37714","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3795","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37737","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40048","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40038","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40067","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40075","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40018","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40037","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40074","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40063","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40049","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315950","reference_id":"2315950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315950"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476","reference_id":"buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-9401"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6yt-va55-s3ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36117?format=json","vulnerability_id":"VCID-zveb-b3t7-7yfg","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7528.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7528.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7528","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46801","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46861","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46884","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46857","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46865","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4692","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46917","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46866","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4685","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4686","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4681","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46718","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46781","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46859","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46808","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46862","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7528"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303145","reference_id":"2303145","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303145"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202412-13","reference_id":"GLSA-202412-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-35/","reference_id":"mfsa2024-35","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-37/","reference_id":"mfsa2024-37","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-37/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5322","reference_id":"RHSA-2024:5322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5323","reference_id":"RHSA-2024:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5324","reference_id":"RHSA-2024:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5325","reference_id":"RHSA-2024:5325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5326","reference_id":"RHSA-2024:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5327","reference_id":"RHSA-2024:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5328","reference_id":"RHSA-2024:5328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5329","reference_id":"RHSA-2024:5329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5391","reference_id":"RHSA-2024:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5392","reference_id":"RHSA-2024:5392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5393","reference_id":"RHSA-2024:5393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5394","reference_id":"RHSA-2024:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5395","reference_id":"RHSA-2024:5395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5396","reference_id":"RHSA-2024:5396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5402","reference_id":"RHSA-2024:5402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5527","reference_id":"RHSA-2024:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5528","reference_id":"RHSA-2024:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5528"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895951","reference_id":"show_bug.cgi?id=1895951","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:09:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895951"},{"reference_url":"https://usn.ubuntu.com/6966-1/","reference_id":"USN-6966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/83384?format=json","purl":"pkg:ebuild/www-client/firefox@123.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@123.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83385?format=json","purl":"pkg:ebuild/www-client/firefox@128.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@128.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/83386?format=json","purl":"pkg:ebuild/www-client/firefox@131.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}],"aliases":["CVE-2024-7528"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zveb-b3t7-7yfg"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@131.0.2"}