{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","type":"ebuild","namespace":"dev-lang","name":"spidermonkey","version":"128.8.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"128.9.0","latest_non_vulnerable_version":"128.9.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48295?format=json","vulnerability_id":"VCID-18my-61hh-n3gb","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1934.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1934","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51755","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51786","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51779","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51739","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55352","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55414","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55403","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55374","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56792","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56753","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56692","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.5671","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56694","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56648","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56756","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56706","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56729","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349790","reference_id":"2349790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349790"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1942881","reference_id":"show_bug.cgi?id=1942881","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1942881"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2025-1934"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-18my-61hh-n3gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36153?format=json","vulnerability_id":"VCID-19vv-zhum-43hp","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10468.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10468.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10468","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50462","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50586","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50563","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50509","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50517","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50472","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50394","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50447","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50477","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50431","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50503","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5053","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50484","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50538","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50535","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50577","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50553","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50539","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50581","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10468"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322443","reference_id":"2322443","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322443"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914982","reference_id":"show_bug.cgi?id=1914982","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914982"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10468"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19vv-zhum-43hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36136?format=json","vulnerability_id":"VCID-1z5d-4wfm-8yfk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9396.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9396","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39146","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39583","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39593","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39555","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39539","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39589","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39559","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39475","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.3928","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39264","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39056","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39124","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39141","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39051","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39073","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39574","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39597","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39567","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9396"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315954","reference_id":"2315954","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315954"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912471","reference_id":"show_bug.cgi?id=1912471","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T19:12:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912471"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9396"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1z5d-4wfm-8yfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36147?format=json","vulnerability_id":"VCID-6bbw-b3rx-a7hj","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10462","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66212","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66028","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66063","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66077","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66065","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66086","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66097","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66073","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66118","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66161","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66134","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66155","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.65994","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66023","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6599","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6604","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10462"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322440","reference_id":"2322440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322440"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920423","reference_id":"show_bug.cgi?id=1920423","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920423"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10462"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bbw-b3rx-a7hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48296?format=json","vulnerability_id":"VCID-7eu3-hxbk-8fd7","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1935.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1935","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40718","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40734","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40763","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45275","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45317","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45258","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45298","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45358","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45348","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45432","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45218","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45242","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53151","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53181","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53204","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53198","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53249","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349792","reference_id":"2349792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349792"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1866661","reference_id":"show_bug.cgi?id=1866661","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1866661"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2025-1935"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7eu3-hxbk-8fd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48300?format=json","vulnerability_id":"VCID-95vw-esba-23a2","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1937.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1937","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43835","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43889","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43897","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43852","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48914","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48884","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48937","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4891","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48847","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48929","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48976","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48967","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48979","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48989","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49248","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49213","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49244","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49262","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49241","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49193","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349795","reference_id":"2349795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349795"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716","reference_id":"buglist.cgi?bug_id=1938471%2C1940716","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2899","reference_id":"RHSA-2025:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2900","reference_id":"RHSA-2025:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2957","reference_id":"RHSA-2025:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2958","reference_id":"RHSA-2025:2958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2959","reference_id":"RHSA-2025:2959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2960","reference_id":"RHSA-2025:2960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3009","reference_id":"RHSA-2025:3009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3013","reference_id":"RHSA-2025:3013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3036","reference_id":"RHSA-2025:3036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3036"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2025-1937"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95vw-esba-23a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36142?format=json","vulnerability_id":"VCID-9caj-c15z-xuf5","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9403.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9403","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27854","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.282","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28113","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28001","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27923","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27757","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2782","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27846","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27763","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27779","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2845","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28242","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28308","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28351","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28355","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28312","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28254","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28266","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28247","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9403"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315947","reference_id":"2315947","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315947"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917807","reference_id":"show_bug.cgi?id=1917807","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:34:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917807"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9403"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9caj-c15z-xuf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36145?format=json","vulnerability_id":"VCID-aemu-emvp-hkfh","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10460","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62015","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61883","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61899","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.6192","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61908","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61888","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61931","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61936","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61919","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61915","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61933","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61925","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.6187","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61918","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61979","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.6196","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61832","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61862","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61834","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10460"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322444","reference_id":"2322444","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322444"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912537","reference_id":"show_bug.cgi?id=1912537","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1912537"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10460"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aemu-emvp-hkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36131?format=json","vulnerability_id":"VCID-b6ug-rdyx-4uaw","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8900.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8900","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41694","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41619","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41593","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41684","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41668","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41599","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41819","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41889","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41826","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44133","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44151","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44136","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44152","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44181","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44171","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312914","reference_id":"2312914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312914"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-33/","reference_id":"mfsa2024-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1872841","reference_id":"show_bug.cgi?id=1872841","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T20:14:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1872841"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-8900"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ug-rdyx-4uaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36139?format=json","vulnerability_id":"VCID-bsnh-1chq-z7ae","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9400.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9400.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9400","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.3335","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33844","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33876","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33874","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33832","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33846","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.338","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33436","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33418","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33336","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33228","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33294","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33335","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33246","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33272","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33917","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33949","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33802","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9400"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315953","reference_id":"2315953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315953"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915249","reference_id":"show_bug.cgi?id=1915249","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:42:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915249"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9400"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bsnh-1chq-z7ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36144?format=json","vulnerability_id":"VCID-bwk4-hqx8-97dy","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10459","reference_id":"","reference_type":"","scores":[{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.7242","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.7222","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72195","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72232","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72244","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72267","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72237","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.7228","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72289","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72276","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72321","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72331","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72327","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72318","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72346","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72373","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72335","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72362","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.722","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322429","reference_id":"2322429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322429"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1919087","reference_id":"show_bug.cgi?id=1919087","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1919087"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10459"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bwk4-hqx8-97dy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36132?format=json","vulnerability_id":"VCID-dmnj-pt27-3bge","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9391","reference_id":"","reference_type":"","scores":[{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58056","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57964","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57947","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58008","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57958","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57987","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57953","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57972","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57948","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58003","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58005","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58021","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57999","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57978","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58009","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58007","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.57985","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9391"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315948","reference_id":"2315948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315948"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1892407","reference_id":"show_bug.cgi?id=1892407","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1892407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9391"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dmnj-pt27-3bge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36149?format=json","vulnerability_id":"VCID-ds2y-kn7q-vuct","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10464","reference_id":"","reference_type":"","scores":[{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67093","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66941","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66961","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66947","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66916","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66949","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66963","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66945","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66968","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66978","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6695","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66993","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67033","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67005","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67029","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6688","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66906","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66879","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66927","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322424","reference_id":"2322424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322424"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1913000","reference_id":"show_bug.cgi?id=1913000","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1913000"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10464"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ds2y-kn7q-vuct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36151?format=json","vulnerability_id":"VCID-hfx8-7x82-zqfk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10466","reference_id":"","reference_type":"","scores":[{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71514","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71306","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71319","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71342","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71327","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.7131","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71356","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71362","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71341","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71395","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71403","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71406","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71393","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71429","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71464","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71459","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.7129","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71265","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322438","reference_id":"2322438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322438"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924154","reference_id":"show_bug.cgi?id=1924154","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924154"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10466"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hfx8-7x82-zqfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36134?format=json","vulnerability_id":"VCID-hu6v-g43k-9uep","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9395","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52121","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52055","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52018","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.51965","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52014","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52016","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.5204","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52013","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52039","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52005","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52056","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52108","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52091","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52074","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52114","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52118","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.521","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52048","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9395"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315958","reference_id":"2315958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315958"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906024","reference_id":"show_bug.cgi?id=1906024","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1906024"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9395"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hu6v-g43k-9uep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36141?format=json","vulnerability_id":"VCID-jebk-6hja-ukfc","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9402.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9402.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9402","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.3128","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31826","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31829","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31789","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31753","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31785","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31764","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31734","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31564","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31436","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31351","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31203","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31271","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31278","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31186","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31209","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31926","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31796","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9402"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315951","reference_id":"2315951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315951"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476","reference_id":"buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:36:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9402"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jebk-6hja-ukfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36137?format=json","vulnerability_id":"VCID-k3ec-bt9r-pkhg","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9397.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9397.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9397","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44206","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44412","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44463","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.4447","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44486","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44511","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44502","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44433","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44352","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44355","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44274","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44148","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44226","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44241","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44176","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44476","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9397"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315949","reference_id":"2315949","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315949"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1916659","reference_id":"show_bug.cgi?id=1916659","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:55:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1916659"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9397"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ec-bt9r-pkhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36133?format=json","vulnerability_id":"VCID-ka9e-ps8e-ryc8","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9392","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32975","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32896","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3287","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3296","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33203","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33057","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3304","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32964","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32852","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32921","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35181","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3521","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35162","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3513","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35144","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35106","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35131","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35166","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315959","reference_id":"2315959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315959"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899154","reference_id":"show_bug.cgi?id=1899154","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899154"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905843","reference_id":"show_bug.cgi?id=1905843","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1905843"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9392"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka9e-ps8e-ryc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36138?format=json","vulnerability_id":"VCID-kpun-mgtm-5uhd","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9399.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9399.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9399","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49289","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49353","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49345","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49347","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49395","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49391","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49361","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49357","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4931","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49222","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49285","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49311","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49261","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49321","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49349","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9399"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315945","reference_id":"2315945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315945"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907726","reference_id":"show_bug.cgi?id=1907726","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:39:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1907726"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9399"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kpun-mgtm-5uhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36150?format=json","vulnerability_id":"VCID-mw96-qtnz-gqdx","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10465","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66212","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66028","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66063","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66077","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66065","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66086","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66097","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66073","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66118","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66161","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66134","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66155","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.65994","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66023","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6599","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6604","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322434","reference_id":"2322434","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322434"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918853","reference_id":"show_bug.cgi?id=1918853","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1918853"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10465"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mw96-qtnz-gqdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36143?format=json","vulnerability_id":"VCID-n4hu-b1t6-xkay","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10458","reference_id":"","reference_type":"","scores":[{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64045","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63993","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63967","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63841","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63884","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63953","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63936","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63938","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63926","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.6392","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.6391","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63874","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63921","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63908","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63891","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322428","reference_id":"2322428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322428"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921733","reference_id":"show_bug.cgi?id=1921733","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921733"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10458"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n4hu-b1t6-xkay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48301?format=json","vulnerability_id":"VCID-pcrz-f3nj-kybr","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1938.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1938","reference_id":"","reference_type":"","scores":[{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49258","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49263","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49307","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49311","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54275","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54327","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.5422","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54178","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54227","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54252","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54238","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54274","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54234","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.5426","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54773","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54804","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54824","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54821","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54832","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349793","reference_id":"2349793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349793"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111","reference_id":"buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2899","reference_id":"RHSA-2025:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2900","reference_id":"RHSA-2025:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2957","reference_id":"RHSA-2025:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2958","reference_id":"RHSA-2025:2958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2959","reference_id":"RHSA-2025:2959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2960","reference_id":"RHSA-2025:2960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3009","reference_id":"RHSA-2025:3009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3013","reference_id":"RHSA-2025:3013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3036","reference_id":"RHSA-2025:3036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3036"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2025-1938"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pcrz-f3nj-kybr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36148?format=json","vulnerability_id":"VCID-rcg4-7hjg-v7du","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10463","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6466","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64477","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64436","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64484","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64501","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64516","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64504","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64476","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6451","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64522","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64514","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64535","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64547","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64521","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64568","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64613","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64584","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64606","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322439","reference_id":"2322439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322439"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-57"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-57/","reference_id":"mfsa2024-57","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-57/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920800","reference_id":"show_bug.cgi?id=1920800","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1920800"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10463"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rcg4-7hjg-v7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36146?format=json","vulnerability_id":"VCID-sg2y-gfue-6qam","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10461","reference_id":"","reference_type":"","scores":[{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.7648","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76259","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76291","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76305","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76331","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76309","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76345","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.7635","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76335","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.7637","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76378","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76389","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76408","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76428","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76415","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76431","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76248","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00944","scoring_system":"epss","scoring_elements":"0.76278","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10461"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322425","reference_id":"2322425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322425"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914521","reference_id":"show_bug.cgi?id=1914521","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914521"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10461"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sg2y-gfue-6qam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48294?format=json","vulnerability_id":"VCID-upvn-56py-8ud7","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1933.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1933","reference_id":"","reference_type":"","scores":[{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59586","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59567","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.5951","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59503","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59535","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59555","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61078","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61126","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.6112","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61097","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65581","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65536","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65489","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.6551","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65513","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65502","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65484","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65627","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65571","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65552","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349794","reference_id":"2349794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349794"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1946004","reference_id":"show_bug.cgi?id=1946004","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1946004"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2025-1933"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-upvn-56py-8ud7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36152?format=json","vulnerability_id":"VCID-vdpy-f9d9-pfac","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10467","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67495","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67283","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67334","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67348","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67369","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67356","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67321","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67368","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67346","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67365","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67376","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67353","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67397","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67436","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67408","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67433","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67282","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67305","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322433","reference_id":"2322433","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322433"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706","reference_id":"buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-55/","reference_id":"mfsa2024-55","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-56/","reference_id":"mfsa2024-56","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-56/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-58"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-58/","reference_id":"mfsa2024-58","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-58/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-59"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-59/","reference_id":"mfsa2024-59","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-59/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8720","reference_id":"RHSA-2024:8720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8721","reference_id":"RHSA-2024:8721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8722","reference_id":"RHSA-2024:8722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8723","reference_id":"RHSA-2024:8723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8724","reference_id":"RHSA-2024:8724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8725","reference_id":"RHSA-2024:8725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8726","reference_id":"RHSA-2024:8726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8727","reference_id":"RHSA-2024:8727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8728","reference_id":"RHSA-2024:8728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8729","reference_id":"RHSA-2024:8729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8790","reference_id":"RHSA-2024:8790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8793","reference_id":"RHSA-2024:8793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9015","reference_id":"RHSA-2024:9015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9016","reference_id":"RHSA-2024:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9017","reference_id":"RHSA-2024:9017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9018","reference_id":"RHSA-2024:9018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9019","reference_id":"RHSA-2024:9019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9552","reference_id":"RHSA-2024:9552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9554","reference_id":"RHSA-2024:9554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9554"},{"reference_url":"https://usn.ubuntu.com/7086-1/","reference_id":"USN-7086-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7086-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-10467"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdpy-f9d9-pfac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48292?format=json","vulnerability_id":"VCID-w6j3-6a6j-uqf1","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1931.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1931.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1931","reference_id":"","reference_type":"","scores":[{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55319","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55295","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55315","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59781","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59936","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59871","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59888","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59828","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59818","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59833","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59816","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59845","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65583","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65595","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65614","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65565","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65535","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65531","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1931"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349786","reference_id":"2349786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349786"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944126","reference_id":"show_bug.cgi?id=1944126","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944126"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2025-1931"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6j3-6a6j-uqf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48298?format=json","vulnerability_id":"VCID-y7sk-dmau-4fam","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1936.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1936.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1936","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35873","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35876","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35888","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39605","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39618","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39589","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39524","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39654","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3974","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39755","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39928","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3952","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39545","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64894","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64903","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64944","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64959","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64976","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349797","reference_id":"2349797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349797"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940027","reference_id":"show_bug.cgi?id=1940027","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940027"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2025-1936"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7sk-dmau-4fam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36140?format=json","vulnerability_id":"VCID-z6yt-va55-s3ey","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9401","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37557","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37479","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37506","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37592","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37575","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37505","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37714","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3795","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37737","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40048","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40075","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40049","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40063","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40074","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40037","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40018","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40067","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40038","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315950","reference_id":"2315950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315950"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476","reference_id":"buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476"},{"reference_url":"https://security.gentoo.org/glsa/202412-04","reference_id":"GLSA-202412-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-04"},{"reference_url":"https://security.gentoo.org/glsa/202412-06","reference_id":"GLSA-202412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-06"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-46/","reference_id":"mfsa2024-46","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-47/","reference_id":"mfsa2024-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-47/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-48/","reference_id":"mfsa2024-48","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-49"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-49/","reference_id":"mfsa2024-49","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-49/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-50/","reference_id":"mfsa2024-50","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-50/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7505","reference_id":"RHSA-2024:7505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7552","reference_id":"RHSA-2024:7552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7621","reference_id":"RHSA-2024:7621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7622","reference_id":"RHSA-2024:7622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7646","reference_id":"RHSA-2024:7646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7699","reference_id":"RHSA-2024:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7700","reference_id":"RHSA-2024:7700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7702","reference_id":"RHSA-2024:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7703","reference_id":"RHSA-2024:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7704","reference_id":"RHSA-2024:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7842","reference_id":"RHSA-2024:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7853","reference_id":"RHSA-2024:7853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7854","reference_id":"RHSA-2024:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7855","reference_id":"RHSA-2024:7855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7856","reference_id":"RHSA-2024:7856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8166","reference_id":"RHSA-2024:8166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8169","reference_id":"RHSA-2024:8169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8169"},{"reference_url":"https://usn.ubuntu.com/7056-1/","reference_id":"USN-7056-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7056-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-9401"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6yt-va55-s3ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48293?format=json","vulnerability_id":"VCID-z8cr-rten-qqg2","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1932.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1932","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40023","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39565","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.3954","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39626","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39637","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39609","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39544","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.3976","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39774","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40024","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40004","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40054","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43189","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43223","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43252","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43241","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43253","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43274","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349796","reference_id":"2349796","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349796"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944313","reference_id":"show_bug.cgi?id=1944313","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944313"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2025-1932"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8cr-rten-qqg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48291?format=json","vulnerability_id":"VCID-zefw-etrb-z3fu","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43097","reference_id":"","reference_type":"","scores":[{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.7605","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75928","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75939","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75948","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75977","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.76001","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75986","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.76","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75801","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75812","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75856","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.7588","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75861","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75855","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75892","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75895","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75919","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://source.android.com/security/bulletin/2024-12-01","reference_id":"2024-12-01","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:56:38Z/"}],"url":"https://source.android.com/security/bulletin/2024-12-01"},{"reference_url":"https://android.googlesource.com/platform/external/skia/+/8d355fe1d0795fc30b84194b87563f75c6f8f2a7","reference_id":"8d355fe1d0795fc30b84194b87563f75c6f8f2a7","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:56:38Z/"}],"url":"https://android.googlesource.com/platform/external/skia/+/8d355fe1d0795fc30b84194b87563f75c6f8f2a7"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84425?format=json","purl":"pkg:ebuild/dev-lang/spidermonkey@128.8.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}],"aliases":["CVE-2024-43097"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zefw-etrb-z3fu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/spidermonkey@128.8.0"}