Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/226841?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "type": "apk", "namespace": "alpine", "name": "thunderbird", "version": "102.0-r0", "qualifiers": { "arch": "loongarch64", "distroversion": "v3.22", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "102.1.0-r0", "latest_non_vulnerable_version": "128.5.0-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170068?format=api", "vulnerability_id": "VCID-3cga-127u-cuau", "summary": "A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34479.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34479.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65308", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65208", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102161", "reference_id": "2102161", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102161" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745595", "reference_id": "show_bug.cgi?id=1745595", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745595" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-34479" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3cga-127u-cuau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/169957?format=api", "vulnerability_id": "VCID-3p45-5aqy-hyd5", "summary": "Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34470.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34470.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71267", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71177", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102162", "reference_id": "2102162", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102162" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1765951", "reference_id": "show_bug.cgi?id=1765951", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1765951" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-34470" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3p45-5aqy-hyd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/174299?format=api", "vulnerability_id": "VCID-6c3e-9azk-13cs", "summary": "An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email's date will be shown. If the dates were different, then Thunderbird didn't report the email as having an invalid signature. If an attacker performed a replay attack, in which an old email with old contents are resent at a later time, it could lead the victim to believe that the statements in the email are current. Fixed versions of Thunderbird will require that the signature's date roughly matches the displayed date of the email. This vulnerability affects Thunderbird < 102 and Thunderbird < 91.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2226.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2226.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.4128", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41114", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102204", "reference_id": "2102204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102204" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:00:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1775441", "reference_id": "show_bug.cgi?id=1775441", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:00:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1775441" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-2226" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6c3e-9azk-13cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/167272?format=api", "vulnerability_id": "VCID-8u43-yjce-yfhc", "summary": "An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Firefox < 101.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20679", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20501", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102165", "reference_id": "2102165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102165" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757604", "reference_id": "show_bug.cgi?id=1757604", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757604" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-31744" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8u43-yjce-yfhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170016?format=api", "vulnerability_id": "VCID-hh99-1cx8-nug4", "summary": "An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.67449", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.67359", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102163", "reference_id": "2102163", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102163" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1768537", "reference_id": "show_bug.cgi?id=1768537", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1768537" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-34468" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hh99-1cx8-nug4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170085?format=api", "vulnerability_id": "VCID-js4h-jgrr-zyeu", "summary": "The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34484.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34484.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.51805", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.51675", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102169", "reference_id": "2102169", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102169" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763634%2C1772651", "reference_id": "buglist.cgi?bug_id=1763634%2C1772651", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763634%2C1772651" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-34484" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-js4h-jgrr-zyeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170061?format=api", "vulnerability_id": "VCID-qkrj-fmey-wbcy", "summary": "The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3532", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35142", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34478" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102167", "reference_id": "2102167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102167" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773717", "reference_id": "show_bug.cgi?id=1773717", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-34478" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qkrj-fmey-wbcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12130?format=api", "vulnerability_id": "VCID-qtrr-k19m-zug1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34472.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34472.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.64358", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.6446", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102166", "reference_id": "2102166", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102166" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770123", "reference_id": "show_bug.cgi?id=1770123", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770123" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-34472" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtrr-k19m-zug1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170153?format=api", "vulnerability_id": "VCID-zymu-f38n-1kfw", "summary": "In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34481.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34481.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43922", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43767", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102164", "reference_id": "2102164", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102164" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1497246", "reference_id": "show_bug.cgi?id=1497246", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1497246" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/226841?format=api", "purl": "pkg:apk/alpine/thunderbird@102.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/118014?format=api", "purl": "pkg:apk/alpine/thunderbird@102.1.0-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.1.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2022-34481" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zymu-f38n-1kfw" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@102.0-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }