Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:alpm/archlinux/thunderbird@78.9.1-3

Type alpm

Namespace archlinux

Name thunderbird

Version 78.9.1-3

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 78.10.0-1

Latest_non_vulnerable_version 91.10-1

Affected_by_vulnerabilities

url VCID-5fw4-9nf9-h3d7

vulnerability_id VCID-5fw4-9nf9-h3d7

summary A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url	pkg:alpm/archlinux/thunderbird@78.10.0-1
purl	pkg:alpm/archlinux/thunderbird@78.10.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.10.0-1

aliases CVE-2021-23994

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5fw4-9nf9-h3d7

url VCID-7ex1-ufcv-5yg8

vulnerability_id VCID-7ex1-ufcv-5yg8

summary If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url	pkg:alpm/archlinux/thunderbird@78.10.0-1
purl	pkg:alpm/archlinux/thunderbird@78.10.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.10.0-1

aliases CVE-2021-23999

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ex1-ufcv-5yg8

url VCID-7nqh-truu-7khb

vulnerability_id VCID-7nqh-truu-7khb

summary Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url	pkg:alpm/archlinux/thunderbird@78.10.0-1
purl	pkg:alpm/archlinux/thunderbird@78.10.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.10.0-1

aliases CVE-2021-29946

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nqh-truu-7khb

url VCID-ab23-e5u8-ykck

vulnerability_id VCID-ab23-e5u8-ykck

summary Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

fixed_packages

url	pkg:alpm/archlinux/thunderbird@78.10.0-1
purl	pkg:alpm/archlinux/thunderbird@78.10.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.10.0-1

aliases CVE-2021-29948

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ab23-e5u8-ykck

url VCID-fhb3-5sbs-s7cq

vulnerability_id VCID-fhb3-5sbs-s7cq

summary When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url	pkg:alpm/archlinux/thunderbird@78.10.0-1
purl	pkg:alpm/archlinux/thunderbird@78.10.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.10.0-1

aliases CVE-2021-23995

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhb3-5sbs-s7cq

url VCID-ppcj-1ng5-53hq

vulnerability_id VCID-ppcj-1ng5-53hq

summary When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url	pkg:alpm/archlinux/thunderbird@78.10.0-1
purl	pkg:alpm/archlinux/thunderbird@78.10.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.10.0-1

aliases CVE-2021-24002

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ppcj-1ng5-53hq

url VCID-zjej-aua1-abbc

vulnerability_id VCID-zjej-aua1-abbc

summary Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url	pkg:alpm/archlinux/thunderbird@78.10.0-1
purl	pkg:alpm/archlinux/thunderbird@78.10.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.10.0-1

aliases CVE-2021-23998

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zjej-aua1-abbc

url VCID-zuvn-gw4m-47c9

vulnerability_id VCID-zuvn-gw4m-47c9

summary Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202102-1
reference_id	ASA-202102-1
reference_type
scores
url	https://security.archlinux.org/ASA-202102-1

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1492

reference_id

AVG-1492

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1492

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-03

reference_id

mfsa2021-03

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

fixed_packages

url	pkg:alpm/archlinux/thunderbird@78.10.0-1
purl	pkg:alpm/archlinux/thunderbird@78.10.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.10.0-1

aliases CVE-2021-23961

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zuvn-gw4m-47c9

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.1-3

Package Instance