{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","type":"ebuild","namespace":"mail-client","name":"thunderbird-bin","version":"128.9.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48295?format=json","vulnerability_id":"VCID-18my-61hh-n3gb","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1934.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1934","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51755","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51786","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51779","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51739","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55352","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55414","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55403","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55374","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56792","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56753","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56692","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.5671","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56694","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56648","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56756","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56706","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0034","scoring_system":"epss","scoring_elements":"0.56729","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349790","reference_id":"2349790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349790"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1942881","reference_id":"show_bug.cgi?id=1942881","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1942881"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-1934"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-18my-61hh-n3gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41995?format=json","vulnerability_id":"VCID-1zf8-qjts-9fbc","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11704","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42112","published_at":"2026-04-16T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42061","published_at":"2026-04-13T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42086","published_at":"2026-04-12T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42124","published_at":"2026-04-11T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42101","published_at":"2026-04-09T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42089","published_at":"2026-04-08T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42037","published_at":"2026-04-07T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42072","published_at":"2026-04-02T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42099","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50592","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50639","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50617","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50566","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50574","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50528","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50447","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50501","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50531","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50485","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50516","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328942","reference_id":"2328942","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328942"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-09/","reference_id":"mfsa2025-09","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-10/","reference_id":"mfsa2025-10","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-10/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899402","reference_id":"show_bug.cgi?id=1899402","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1899402"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11704"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zf8-qjts-9fbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48305?format=json","vulnerability_id":"VCID-2ejc-7bd5-qkbf","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3028.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3028.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3028","reference_id":"","reference_type":"","scores":[{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31411","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31503","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31435","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72342","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72354","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72377","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72348","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72308","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72481","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72456","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72426","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72434","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72438","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72429","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72386","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72398","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72389","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72327","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3028"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3028","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3028"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356562","reference_id":"2356562","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356562"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-21","reference_id":"mfsa2025-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-21/","reference_id":"mfsa2025-21","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-22/","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-24/","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3556","reference_id":"RHSA-2025:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3581","reference_id":"RHSA-2025:3581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3582","reference_id":"RHSA-2025:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3587","reference_id":"RHSA-2025:3587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3589","reference_id":"RHSA-2025:3589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3590","reference_id":"RHSA-2025:3590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3620","reference_id":"RHSA-2025:3620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3621","reference_id":"RHSA-2025:3621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3623","reference_id":"RHSA-2025:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3628","reference_id":"RHSA-2025:3628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4026","reference_id":"RHSA-2025:4026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4027","reference_id":"RHSA-2025:4027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4028","reference_id":"RHSA-2025:4028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4029","reference_id":"RHSA-2025:4029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4030","reference_id":"RHSA-2025:4030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4031","reference_id":"RHSA-2025:4031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4032","reference_id":"RHSA-2025:4032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4169","reference_id":"RHSA-2025:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4170","reference_id":"RHSA-2025:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7491","reference_id":"RHSA-2025:7491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7493","reference_id":"RHSA-2025:7493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7493"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1941002","reference_id":"show_bug.cgi?id=1941002","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1941002"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-3028"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ejc-7bd5-qkbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48309?format=json","vulnerability_id":"VCID-2q2k-zuq7-cye9","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3032.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3032.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3032","reference_id":"","reference_type":"","scores":[{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40833","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40733","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40758","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4695","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46937","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46953","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46901","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46955","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46977","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46957","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47013","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47009","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46942","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46905","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46817","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4688","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46899","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3032"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356558","reference_id":"2356558","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356558"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-01T18:33:57Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:34Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-01T18:33:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1949987","reference_id":"show_bug.cgi?id=1949987","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-01T18:33:57Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:34Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1949987"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-3032"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2q2k-zuq7-cye9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41997?format=json","vulnerability_id":"VCID-3fpq-jre6-53fs","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11706.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11706.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11706","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37899","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38253","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38094","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38071","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37977","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37925","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37938","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37848","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37824","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38389","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38413","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38277","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38327","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38336","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38353","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38316","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38291","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38339","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38317","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11706"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328951","reference_id":"2328951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328951"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923767","reference_id":"show_bug.cgi?id=1923767","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923767"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11706"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3fpq-jre6-53fs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42004?format=json","vulnerability_id":"VCID-4zjw-4gjw-pqh1","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0242","reference_id":"","reference_type":"","scores":[{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85212","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85152","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85161","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85158","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85172","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85129","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85197","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85216","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85226","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02414","scoring_system":"epss","scoring_elements":"0.85262","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86394","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86324","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86343","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86362","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86371","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86385","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86377","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86399","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02914","scoring_system":"epss","scoring_elements":"0.86342","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336181","reference_id":"2336181","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336181"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169","reference_id":"buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-03/","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-0242"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zjw-4gjw-pqh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41987?format=json","vulnerability_id":"VCID-5j6z-g7gt-qyea","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11694","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32663","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32689","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32664","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32616","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32759","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35013","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37069","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37099","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.3732","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.36893","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.3687","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.36949","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.36929","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.36862","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.36981","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00178","scoring_system":"epss","scoring_elements":"0.39421","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328941","reference_id":"2328941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328941"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65","reference_id":"mfsa2024-65","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-65/","reference_id":"mfsa2024-65","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-65/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-70","reference_id":"mfsa2024-70","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-70"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-70/","reference_id":"mfsa2024-70","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-70/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924167","reference_id":"show_bug.cgi?id=1924167","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924167"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"},{"reference_url":"https://usn.ubuntu.com/7193-1/","reference_id":"USN-7193-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7193-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11694"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5j6z-g7gt-qyea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17242?format=json","vulnerability_id":"VCID-6szy-r2cd-9kfw","summary":"matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal\n### Summary\n\nmatrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the client's homeserver.\n\n### Details\n\nThe Matrix specification demands homeservers to [perform validation](https://spec.matrix.org/v1.12/client-server-api/#security-considerations-5) of the `server-name` and `media-id` components of MXC URIs with the intent to prevent path traversal. However, it is not mentioned that a similar check must also be performed on the client to prevent *client-side* path traversal. matrix-js-sdk fails to perform this validation.\n\n### Patches\n\nFixed in matrix-js-sdk 34.11.1.\n\n### Workarounds\n\nNone.\n\n### References\n\n- https://spec.matrix.org/v1.12/client-server-api/#security-considerations-5\n- https://blog.doyensec.com/2024/07/02/cspt2csrf.html","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50336","reference_id":"","reference_type":"","scores":[{"value":"0.00647","scoring_system":"epss","scoring_elements":"0.70702","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75492","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75437","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75427","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75448","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75422","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75393","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75386","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75382","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75377","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75343","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75353","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75346","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75307","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75265","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75308","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75288","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.7534","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75318","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50336"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/matrix-org/matrix-js-sdk","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/matrix-org/matrix-js-sdk"},{"reference_url":"https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-xvg8-m4x3-w6xr","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T17:11:23Z/"}],"url":"https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-xvg8-m4x3-w6xr"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00004.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50336","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50336"},{"reference_url":"https://spec.matrix.org/v1.12/client-server-api/#security-considerations-5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T17:11:23Z/"}],"url":"https://spec.matrix.org/v1.12/client-server-api/#security-considerations-5"},{"reference_url":"https://github.com/advisories/GHSA-xvg8-m4x3-w6xr","reference_id":"GHSA-xvg8-m4x3-w6xr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xvg8-m4x3-w6xr"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-69","reference_id":"mfsa2024-69","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-69"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-50336","GHSA-xvg8-m4x3-w6xr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6szy-r2cd-9kfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41998?format=json","vulnerability_id":"VCID-73bd-e4pc-y7h6","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11708.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11708.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11708","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39088","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39416","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.3922","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39203","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39121","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.38994","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39065","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39082","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.38991","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39014","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39514","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39537","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39451","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39507","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39522","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39533","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39495","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39478","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39528","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.395","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11708"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328939","reference_id":"2328939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328939"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1922912","reference_id":"show_bug.cgi?id=1922912","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1922912"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11708"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-73bd-e4pc-y7h6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41996?format=json","vulnerability_id":"VCID-769r-8mmt-6qcc","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11705.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11705","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40763","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40718","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40737","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40752","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40745","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40695","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40744","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40771","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49046","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49038","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49023","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49032","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48988","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48906","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4897","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48997","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48943","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48972","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4907","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11705"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328955","reference_id":"2328955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328955"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921768","reference_id":"show_bug.cgi?id=1921768","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921768"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11705"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-769r-8mmt-6qcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48296?format=json","vulnerability_id":"VCID-7eu3-hxbk-8fd7","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1935.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1935","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40718","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40734","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40763","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45275","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45317","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45258","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45298","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45358","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45348","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45432","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45218","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45242","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53151","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53181","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53204","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53198","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53249","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349792","reference_id":"2349792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349792"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1866661","reference_id":"show_bug.cgi?id=1866661","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1866661"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-1935"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7eu3-hxbk-8fd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41991?format=json","vulnerability_id":"VCID-8k4z-rq29-mqg5","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11697","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22018","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2202","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22081","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22122","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22104","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22048","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21968","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22135","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22184","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25439","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25514","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25467","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25459","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25411","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25295","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25363","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25424","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25346","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25362","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26995","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328950","reference_id":"2328950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328950"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842187","reference_id":"show_bug.cgi?id=1842187","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842187"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11697"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8k4z-rq29-mqg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48307?format=json","vulnerability_id":"VCID-8san-ze3j-dqdx","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3030.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3030.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3030","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46639","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46741","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46672","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.6304","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63015","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63032","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63018","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.62996","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63033","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.62954","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63107","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63054","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63008","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63052","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63053","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63038","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63019","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.62983","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.62947","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.62998","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3030"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3030","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3030"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356563","reference_id":"2356563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356563"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494","reference_id":"buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-01T15:44:40Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-01T15:44:40Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-22/","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-01T15:44:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-01T15:44:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-24/","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-01T15:44:40Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3556","reference_id":"RHSA-2025:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3581","reference_id":"RHSA-2025:3581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3582","reference_id":"RHSA-2025:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3587","reference_id":"RHSA-2025:3587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3589","reference_id":"RHSA-2025:3589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3590","reference_id":"RHSA-2025:3590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3620","reference_id":"RHSA-2025:3620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3621","reference_id":"RHSA-2025:3621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3623","reference_id":"RHSA-2025:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3628","reference_id":"RHSA-2025:3628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4026","reference_id":"RHSA-2025:4026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4027","reference_id":"RHSA-2025:4027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4028","reference_id":"RHSA-2025:4028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4029","reference_id":"RHSA-2025:4029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4030","reference_id":"RHSA-2025:4030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4031","reference_id":"RHSA-2025:4031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4032","reference_id":"RHSA-2025:4032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4169","reference_id":"RHSA-2025:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4170","reference_id":"RHSA-2025:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7491","reference_id":"RHSA-2025:7491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7493","reference_id":"RHSA-2025:7493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7493"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-3030"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8san-ze3j-dqdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48300?format=json","vulnerability_id":"VCID-95vw-esba-23a2","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1937.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1937","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43835","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43889","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43897","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43852","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48914","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48884","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48937","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4891","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48847","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48929","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48976","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48967","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48979","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48989","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49248","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49213","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49244","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49262","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49241","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49193","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349795","reference_id":"2349795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349795"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716","reference_id":"buglist.cgi?bug_id=1938471%2C1940716","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2899","reference_id":"RHSA-2025:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2900","reference_id":"RHSA-2025:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2957","reference_id":"RHSA-2025:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2958","reference_id":"RHSA-2025:2958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2959","reference_id":"RHSA-2025:2959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2960","reference_id":"RHSA-2025:2960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3009","reference_id":"RHSA-2025:3009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3013","reference_id":"RHSA-2025:3013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3036","reference_id":"RHSA-2025:3036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3036"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-1937"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95vw-esba-23a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61340?format=json","vulnerability_id":"VCID-b5t3-yqha-xyeq","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26696.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26696","reference_id":"","reference_type":"","scores":[{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29894","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34526","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34628","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34591","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34552","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34518","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3462","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36776","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.3643","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36519","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36549","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40008","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39983","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.4001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39931","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39984","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39998","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39972","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39952","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40002","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26696"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351157","reference_id":"2351157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351157"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T19:15:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T19:15:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1864205","reference_id":"show_bug.cgi?id=1864205","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T19:15:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1864205"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-26696"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b5t3-yqha-xyeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41988?format=json","vulnerability_id":"VCID-bjny-apx2-8ba1","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11695","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32501","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32466","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32492","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3253","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32526","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32498","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3245","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32591","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32627","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36806","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.3693","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36898","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.3681","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36693","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.3676","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36784","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36708","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36731","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39232","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328948","reference_id":"2328948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328948"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1925496","reference_id":"show_bug.cgi?id=1925496","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1925496"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11695"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bjny-apx2-8ba1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41989?format=json","vulnerability_id":"VCID-dh5k-q87q-4qfs","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11696","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13625","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13713","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13762","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13799","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13831","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1378","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13698","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13839","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13896","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17501","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17549","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17459","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17437","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17368","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1723","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17321","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17418","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17385","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17422","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18978","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328943","reference_id":"2328943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328943"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929600","reference_id":"show_bug.cgi?id=1929600","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929600"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11696"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5k-q87q-4qfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42001?format=json","vulnerability_id":"VCID-f1zm-g4es-vfbz","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0239","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08874","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0867","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08694","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08671","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08658","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08546","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08534","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08687","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08702","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08654","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08656","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08593","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08735","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08823","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08787","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08815","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08626","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08677","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08596","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0239"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336170","reference_id":"2336170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336170"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929156","reference_id":"show_bug.cgi?id=1929156","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929156"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-0239"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f1zm-g4es-vfbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48306?format=json","vulnerability_id":"VCID-g3n8-mvdt-cqdj","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3029.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3029","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32838","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32758","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32733","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70864","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70889","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70908","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70923","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70946","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70931","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70915","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70961","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70968","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70947","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71002","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71012","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.7101","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70993","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71033","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71069","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70871","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3029"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356556","reference_id":"2356556","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356556"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-22/","reference_id":"mfsa2025-22","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-24/","reference_id":"mfsa2025-24","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3556","reference_id":"RHSA-2025:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3581","reference_id":"RHSA-2025:3581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3582","reference_id":"RHSA-2025:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3587","reference_id":"RHSA-2025:3587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3589","reference_id":"RHSA-2025:3589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3590","reference_id":"RHSA-2025:3590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3620","reference_id":"RHSA-2025:3620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3621","reference_id":"RHSA-2025:3621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3623","reference_id":"RHSA-2025:3623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3628","reference_id":"RHSA-2025:3628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4026","reference_id":"RHSA-2025:4026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4027","reference_id":"RHSA-2025:4027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4028","reference_id":"RHSA-2025:4028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4029","reference_id":"RHSA-2025:4029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4030","reference_id":"RHSA-2025:4030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4031","reference_id":"RHSA-2025:4031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4032","reference_id":"RHSA-2025:4032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4169","reference_id":"RHSA-2025:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4170","reference_id":"RHSA-2025:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7491","reference_id":"RHSA-2025:7491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7493","reference_id":"RHSA-2025:7493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7493"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952213","reference_id":"show_bug.cgi?id=1952213","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952213"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-3029"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3n8-mvdt-cqdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41986?format=json","vulnerability_id":"VCID-grjt-j4at-pqbp","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11692","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23551","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23468","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23452","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23501","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23434","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23353","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23472","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23509","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23632","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23521","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24914","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25101","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2514","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24983","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25028","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25042","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25002","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24948","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24961","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24953","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328946","reference_id":"2328946","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328946"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909535","reference_id":"show_bug.cgi?id=1909535","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1909535"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11692"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-grjt-j4at-pqbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48310?format=json","vulnerability_id":"VCID-h261-q8t7-n3cm","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3034","reference_id":"","reference_type":"","scores":[{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.48805","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.48774","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.48881","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55276","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55233","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.553","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55278","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55215","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55236","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55207","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55157","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.552","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55257","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55256","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55235","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55285","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55297","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55258","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55296","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3034"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1894100%2C1934086%2C1950360","reference_id":"buglist.cgi?bug_id=1894100%2C1934086%2C1950360","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:44Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1894100%2C1934086%2C1950360"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-3034"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h261-q8t7-n3cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42000?format=json","vulnerability_id":"VCID-j5k8-ztxb-uffb","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0238","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.2998","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30305","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.3019","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30109","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.29969","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30485","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30074","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30041","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30001","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30049","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32076","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32165","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32027","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32078","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32108","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32112","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32042","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32053","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32204","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336165","reference_id":"2336165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336165"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-03/","reference_id":"mfsa2025-03","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-03/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915535","reference_id":"show_bug.cgi?id=1915535","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915535"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-0238"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j5k8-ztxb-uffb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41994?format=json","vulnerability_id":"VCID-kc7w-zjh4-vqfq","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11701.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11701.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11701","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40207","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40461","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40347","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40266","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40128","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40195","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40213","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40116","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40139","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40547","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40575","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40546","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40557","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40577","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.4054","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40521","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.4057","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40538","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11701"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328945","reference_id":"2328945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328945"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914797","reference_id":"show_bug.cgi?id=1914797","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914797"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11701"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kc7w-zjh4-vqfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48301?format=json","vulnerability_id":"VCID-pcrz-f3nj-kybr","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1938.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1938","reference_id":"","reference_type":"","scores":[{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49258","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49263","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49307","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49311","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54275","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54327","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.5422","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54178","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54227","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54252","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54238","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54274","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54234","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.5426","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54773","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54804","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54824","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54821","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54832","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349793","reference_id":"2349793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349793"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111","reference_id":"buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2899","reference_id":"RHSA-2025:2899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2900","reference_id":"RHSA-2025:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2957","reference_id":"RHSA-2025:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2958","reference_id":"RHSA-2025:2958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2959","reference_id":"RHSA-2025:2959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2960","reference_id":"RHSA-2025:2960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3009","reference_id":"RHSA-2025:3009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3013","reference_id":"RHSA-2025:3013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3036","reference_id":"RHSA-2025:3036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3036"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-1938"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pcrz-f3nj-kybr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42003?format=json","vulnerability_id":"VCID-qtcm-9z3v-dydn","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0241","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22319","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22491","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22396","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22413","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22411","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22361","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22212","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22199","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22191","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22086","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22166","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22245","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22214","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22237","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22504","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22547","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22335","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22417","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22472","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336168","reference_id":"2336168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336168"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1933023","reference_id":"show_bug.cgi?id=1933023","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1933023"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-0241"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qtcm-9z3v-dydn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61339?format=json","vulnerability_id":"VCID-qw3q-xg7s-wbd7","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26695.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26695","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12479","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12666","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12398","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12625","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12495","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12534","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12607","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12557","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12672","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15175","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1497","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15062","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15052","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15097","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1551","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15451","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15509","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15469","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26695"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351146","reference_id":"2351146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351146"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T18:51:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T18:51:16Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1883039","reference_id":"show_bug.cgi?id=1883039","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T18:51:16Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1883039"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-26695"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qw3q-xg7s-wbd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41993?format=json","vulnerability_id":"VCID-qzb8-5u9j-27g1","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11700.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11700","reference_id":"","reference_type":"","scores":[{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41568","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41582","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41615","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41594","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41585","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.4158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.41608","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50154","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50151","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50136","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50143","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50016","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.5007","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50099","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50051","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.5008","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50177","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11700"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328938","reference_id":"2328938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328938"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1836921","reference_id":"show_bug.cgi?id=1836921","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1836921"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11700"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzb8-5u9j-27g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41999?format=json","vulnerability_id":"VCID-r7ss-g876-c7fg","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0237","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28036","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30414","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30979","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.31026","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30845","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30903","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30933","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30935","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30893","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30848","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30879","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30859","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30391","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30399","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30323","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30346","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.312","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30845","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30998","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31076","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336182","reference_id":"2336182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336182"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915257","reference_id":"show_bug.cgi?id=1915257","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1915257"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-0237"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7ss-g876-c7fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42002?format=json","vulnerability_id":"VCID-tgpf-32kg-rqc2","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0240","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14964","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14941","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14906","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14868","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14706","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14714","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14773","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1481","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14808","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14752","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14633","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1476","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14849","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1484","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14885","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1492","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.148","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1489","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0240"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336188","reference_id":"2336188","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336188"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929623","reference_id":"show_bug.cgi?id=1929623","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1929623"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-0240"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tgpf-32kg-rqc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42005?format=json","vulnerability_id":"VCID-ukf2-qcjg-u7bg","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0243","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08686","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08435","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08508","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08527","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08521","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08503","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08488","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08379","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08363","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08481","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08469","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08417","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08562","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0864","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0861","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08634","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0846","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08516","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0243"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336175","reference_id":"2336175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336175"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783","reference_id":"buglist.cgi?bug_id=1827142%2C1932783","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-01/","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-02/","reference_id":"mfsa2025-02","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-04/","reference_id":"mfsa2025-04","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-05/","reference_id":"mfsa2025-05","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-05/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0080","reference_id":"RHSA-2025:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0132","reference_id":"RHSA-2025:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0133","reference_id":"RHSA-2025:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0134","reference_id":"RHSA-2025:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0135","reference_id":"RHSA-2025:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0136","reference_id":"RHSA-2025:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0137","reference_id":"RHSA-2025:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0138","reference_id":"RHSA-2025:0138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0144","reference_id":"RHSA-2025:0144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0147","reference_id":"RHSA-2025:0147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0162","reference_id":"RHSA-2025:0162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0165","reference_id":"RHSA-2025:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0166","reference_id":"RHSA-2025:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0167","reference_id":"RHSA-2025:0167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0275","reference_id":"RHSA-2025:0275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0281","reference_id":"RHSA-2025:0281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0284","reference_id":"RHSA-2025:0284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0286","reference_id":"RHSA-2025:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0287","reference_id":"RHSA-2025:0287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0287"},{"reference_url":"https://usn.ubuntu.com/7191-1/","reference_id":"USN-7191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7191-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-0243"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ukf2-qcjg-u7bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48294?format=json","vulnerability_id":"VCID-upvn-56py-8ud7","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1933.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1933","reference_id":"","reference_type":"","scores":[{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59586","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59567","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.5951","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59503","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59535","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59555","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61078","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61126","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.6112","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61097","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65581","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65536","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65489","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.6551","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65513","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65502","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65484","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65627","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65571","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65552","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349794","reference_id":"2349794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349794"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1946004","reference_id":"show_bug.cgi?id=1946004","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1946004"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-1933"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-upvn-56py-8ud7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48292?format=json","vulnerability_id":"VCID-w6j3-6a6j-uqf1","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1931.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1931.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1931","reference_id":"","reference_type":"","scores":[{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55319","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55295","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55315","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59781","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59936","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59871","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59888","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59828","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59818","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59833","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59816","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00387","scoring_system":"epss","scoring_elements":"0.59845","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65583","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65595","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65614","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65565","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65535","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0049","scoring_system":"epss","scoring_elements":"0.65531","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1931"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349786","reference_id":"2349786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349786"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944126","reference_id":"show_bug.cgi?id=1944126","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944126"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-1931"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6j3-6a6j-uqf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41992?format=json","vulnerability_id":"VCID-w7gj-shrq-3fcz","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11699","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26109","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26104","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26163","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26208","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26152","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26085","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26313","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30075","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30486","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30305","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30191","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.3011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.2997","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30042","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30051","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.29981","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30002","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32054","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328947","reference_id":"2328947","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328947"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911","reference_id":"buglist.cgi?bug_id=1880582%2C1929911","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911"},{"reference_url":"https://security.gentoo.org/glsa/202501-10","reference_id":"GLSA-202501-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-10"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10591","reference_id":"RHSA-2024:10591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10592","reference_id":"RHSA-2024:10592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10667","reference_id":"RHSA-2024:10667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10702","reference_id":"RHSA-2024:10702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10703","reference_id":"RHSA-2024:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10704","reference_id":"RHSA-2024:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10710","reference_id":"RHSA-2024:10710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10733","reference_id":"RHSA-2024:10733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10734","reference_id":"RHSA-2024:10734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10742","reference_id":"RHSA-2024:10742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10743","reference_id":"RHSA-2024:10743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10745","reference_id":"RHSA-2024:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10748","reference_id":"RHSA-2024:10748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10752","reference_id":"RHSA-2024:10752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10844","reference_id":"RHSA-2024:10844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10848","reference_id":"RHSA-2024:10848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10849","reference_id":"RHSA-2024:10849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10880","reference_id":"RHSA-2024:10880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10881","reference_id":"RHSA-2024:10881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10881"},{"reference_url":"https://usn.ubuntu.com/7134-1/","reference_id":"USN-7134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-11699"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7gj-shrq-3fcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48308?format=json","vulnerability_id":"VCID-x7r6-efsn-sqhx","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3031.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3031","reference_id":"","reference_type":"","scores":[{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44043","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.43946","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.43976","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51555","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51517","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51567","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51608","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51616","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51595","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51549","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51515","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51459","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51508","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51554","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51544","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51504","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51558","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51599","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51578","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3031"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356560","reference_id":"2356560","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356560"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202509-02","reference_id":"GLSA-202509-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-20/","reference_id":"mfsa2025-20","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:37:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-23/","reference_id":"mfsa2025-23","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:37:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-23/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1947141","reference_id":"show_bug.cgi?id=1947141","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:37:35Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1947141"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-3031"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x7r6-efsn-sqhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48298?format=json","vulnerability_id":"VCID-y7sk-dmau-4fam","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1936.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1936.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1936","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35873","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35876","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35888","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39605","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39618","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39589","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39524","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39654","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3974","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39755","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39928","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3952","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39545","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64894","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64903","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64944","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64959","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.64976","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349797","reference_id":"2349797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349797"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940027","reference_id":"show_bug.cgi?id=1940027","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1940027"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-1936"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7sk-dmau-4fam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48293?format=json","vulnerability_id":"VCID-z8cr-rten-qqg2","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1932.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1932","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40023","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39565","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.3954","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39626","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39637","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39609","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39544","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.3976","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39774","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40024","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40004","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40054","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43189","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43223","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43252","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43241","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43253","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43274","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349796","reference_id":"2349796","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349796"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944313","reference_id":"show_bug.cgi?id=1944313","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1944313"},{"reference_url":"https://usn.ubuntu.com/7334-1/","reference_id":"USN-7334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7334-1/"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2025-1932"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8cr-rten-qqg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48291?format=json","vulnerability_id":"VCID-zefw-etrb-z3fu","summary":"Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43097","reference_id":"","reference_type":"","scores":[{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.7605","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75928","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75939","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75948","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75977","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.76001","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75986","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.76","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75801","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75812","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75856","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.7588","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75861","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75855","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75892","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75895","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75919","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://source.android.com/security/bulletin/2024-12-01","reference_id":"2024-12-01","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:56:38Z/"}],"url":"https://source.android.com/security/bulletin/2024-12-01"},{"reference_url":"https://android.googlesource.com/platform/external/skia/+/8d355fe1d0795fc30b84194b87563f75c6f8f2a7","reference_id":"8d355fe1d0795fc30b84194b87563f75c6f8f2a7","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:56:38Z/"}],"url":"https://android.googlesource.com/platform/external/skia/+/8d355fe1d0795fc30b84194b87563f75c6f8f2a7"},{"reference_url":"https://security.gentoo.org/glsa/202505-02","reference_id":"GLSA-202505-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-02"},{"reference_url":"https://security.gentoo.org/glsa/202505-03","reference_id":"GLSA-202505-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-03"},{"reference_url":"https://security.gentoo.org/glsa/202505-08","reference_id":"GLSA-202505-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01","reference_id":"mfsa2025-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/85558?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@128.9.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}],"aliases":["CVE-2024-43097"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zefw-etrb-z3fu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@128.9.0"}