Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/306003?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "type": "apk", "namespace": "alpine", "name": "thunderbird", "version": "91.3.2-r0", "qualifiers": { "arch": "x86", "distroversion": "v3.22", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "91.4.0-r0", "latest_non_vulnerable_version": "128.5.0-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1273?format=api", "vulnerability_id": "VCID-1cnr-28vc-sqcy", "summary": "Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70438", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70417", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70458", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70467", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70449", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992421", "reference_id": "1992421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992421" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29980" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1cnr-28vc-sqcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1259?format=api", "vulnerability_id": "VCID-1h7r-rcqz-abay", "summary": "The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash.\n*Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59266", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59241", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59291", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59294", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59285", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951370", "reference_id": "1951370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951370" }, { "reference_url": "https://security.archlinux.org/AVG-1835", "reference_id": "AVG-1835", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1835" }, { "reference_url": "https://security.archlinux.org/AVG-1837", "reference_id": "AVG-1837", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1837" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29945" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1h7r-rcqz-abay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1289?format=api", "vulnerability_id": "VCID-473a-9b6z-bufs", "summary": "The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as same-origin with HTTP. This was resolved by disabling the Opportunistic Encryption feature, which had low usage.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67381", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67361", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67402", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67409", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67397", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019625", "reference_id": "2019625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019625" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38507" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-473a-9b6z-bufs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1293?format=api", "vulnerability_id": "VCID-54pu-nmum-guhs", "summary": "The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38510", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.621", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62071", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62119", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62127", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62115", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38510" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019629", "reference_id": "2019629", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019629" }, { "reference_url": "https://security.archlinux.org/AVG-2512", "reference_id": "AVG-2512", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2512" }, { "reference_url": "https://security.archlinux.org/AVG-2519", "reference_id": "AVG-2519", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2519" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38510" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54pu-nmum-guhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1253?format=api", "vulnerability_id": "VCID-5fw4-9nf9-h3d7", "summary": "A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23994.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23994.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60782", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60755", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60804", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60811", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60799", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951364", "reference_id": "1951364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951364" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-23994" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5fw4-9nf9-h3d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1270?format=api", "vulnerability_id": "VCID-5h5r-wcta-a7au", "summary": "A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.6951", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69485", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69524", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69532", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69522", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992417", "reference_id": "1992417", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992417" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29986" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5h5r-wcta-a7au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1372?format=api", "vulnerability_id": "VCID-65qx-jkez-8fgd", "summary": "If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29957.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29957.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44823", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.5412", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54056", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.5411", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54113", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961503", "reference_id": "1961503", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961503" }, { "reference_url": "https://security.archlinux.org/ASA-202105-29", "reference_id": "ASA-202105-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202105-29" }, { "reference_url": "https://security.archlinux.org/AVG-1964", "reference_id": "AVG-1964", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1964" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-22", "reference_id": "mfsa2021-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2261", "reference_id": "RHSA-2021:2261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2262", "reference_id": "RHSA-2021:2262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2263", "reference_id": "RHSA-2021:2263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2264", "reference_id": "RHSA-2021:2264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2264" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29957" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-65qx-jkez-8fgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1257?format=api", "vulnerability_id": "VCID-7ex1-ufcv-5yg8", "summary": "If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23999.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23999.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.4667", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46648", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46715", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46717", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46698", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951368", "reference_id": "1951368", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951368" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-23999" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ex1-ufcv-5yg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1260?format=api", "vulnerability_id": "VCID-7nqh-truu-7khb", "summary": "Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29946.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29946.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37025", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.36998", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37089", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37096", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37064", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951371", "reference_id": "1951371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951371" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29946" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7nqh-truu-7khb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1292?format=api", "vulnerability_id": "VCID-7s6p-8cx2-bybs", "summary": "Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61472", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61447", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61494", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61501", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61489", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019628", "reference_id": "2019628", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019628" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38509" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7s6p-8cx2-bybs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1317?format=api", "vulnerability_id": "VCID-85sw-xvhm-nyhk", "summary": "Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59947", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59926", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59973", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59976", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59965", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29982" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29982" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85sw-xvhm-nyhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1290?format=api", "vulnerability_id": "VCID-8x8f-1u2g-subu", "summary": "A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.79145", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.79159", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.79165", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.79156", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.79133", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019626", "reference_id": "2019626", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019626" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-43535" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8x8f-1u2g-subu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1275?format=api", "vulnerability_id": "VCID-918z-26zm-67hc", "summary": "Mozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar, and Olli Pettay reported memory safety bugs present in Thunderbird 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67218", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67202", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67243", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67251", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67235", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29989" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992423", "reference_id": "1992423", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992423" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29989" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-918z-26zm-67hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1327?format=api", "vulnerability_id": "VCID-ab23-e5u8-ykck", "summary": "Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29948.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.10132", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21988", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2192", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21939", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.22002", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951381", "reference_id": "1951381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951381" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29948" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ab23-e5u8-ykck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1315?format=api", "vulnerability_id": "VCID-ak6t-tsyf-p3ga", "summary": "An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.6213", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62111", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62126", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62138", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62082", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29981" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29981" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ak6t-tsyf-p3ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1294?format=api", "vulnerability_id": "VCID-awaj-87fh-hbfj", "summary": "Mozilla developers and community members Christian Holler, Valentin Gosu, and Andrew McCreight reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43534.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43534.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.79145", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.79193", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.79219", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.79225", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.79216", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019630", "reference_id": "2019630", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019630" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-43534" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-awaj-87fh-hbfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1285?format=api", "vulnerability_id": "VCID-bnuz-8g1t-ybc2", "summary": "The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.78194", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.78203", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.78196", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.7817", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0118", "scoring_system": "epss", "scoring_elements": "0.79104", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019621", "reference_id": "2019621", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019621" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38503" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnuz-8g1t-ybc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1287?format=api", "vulnerability_id": "VCID-bsrv-bkzk-pfhh", "summary": "Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account.*This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58034", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.5805", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58059", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58048", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38505" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019623", "reference_id": "2019623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019623" }, { "reference_url": "https://security.archlinux.org/AVG-2512", "reference_id": "AVG-2512", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2512" }, { "reference_url": "https://security.archlinux.org/AVG-2519", "reference_id": "AVG-2519", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2519" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38505" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsrv-bkzk-pfhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1300?format=api", "vulnerability_id": "VCID-cjrw-f991-e7fr", "summary": "Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Thunderbird 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38500.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38500.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01084", "scoring_system": "epss", "scoring_elements": "0.78224", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01084", "scoring_system": "epss", "scoring_elements": "0.78212", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01084", "scoring_system": "epss", "scoring_elements": "0.78238", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01084", "scoring_system": "epss", "scoring_elements": "0.78246", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01084", "scoring_system": "epss", "scoring_elements": "0.78236", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011100", "reference_id": "2011100", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011100" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-44", "reference_id": "mfsa2021-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38500" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjrw-f991-e7fr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1286?format=api", "vulnerability_id": "VCID-d78u-x2t8-vkfg", "summary": "When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.80034", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.80019", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.80045", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.8005", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.80044", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019622", "reference_id": "2019622", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019622" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38504" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d78u-x2t8-vkfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1254?format=api", "vulnerability_id": "VCID-fhb3-5sbs-s7cq", "summary": "When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23995.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23995.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73814", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73803", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73839", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73844", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.7383", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951365", "reference_id": "1951365", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951365" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-23995" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhb3-5sbs-s7cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1393?format=api", "vulnerability_id": "VCID-g7z8-217k-3ygy", "summary": "Firefox incorrectly accepted a newline in a HTTP/3 header, interpreting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29991.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29991.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29991", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.5421", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54185", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54208", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54153", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54218", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29991" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995267", "reference_id": "1995267", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995267" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.archlinux.org/AVG-2301", "reference_id": "AVG-2301", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2301" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-37", "reference_id": "mfsa2021-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-37" }, { "reference_url": "https://usn.ubuntu.com/5047-1/", "reference_id": "USN-5047-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5047-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29991" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g7z8-217k-3ygy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1299?format=api", "vulnerability_id": "VCID-hsg8-3bpf-b3ex", "summary": "In the crossbeam crate, one or more tasks in the worker queue could have been be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this could have caused a double free and a memory leak.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78328", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78341", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78342", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78316", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78351", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32810" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/crossbeam-rs/crossbeam", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/crossbeam-rs/crossbeam" }, { "reference_url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32810" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0093.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0093.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990342", "reference_id": "1990342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990342" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993146", "reference_id": "993146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993146" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://github.com/advisories/GHSA-pqqp-xmhj-wgcw", "reference_id": "GHSA-pqqp-xmhj-wgcw", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pqqp-xmhj-wgcw" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-32810", "GHSA-pqqp-xmhj-wgcw" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hsg8-3bpf-b3ex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1268?format=api", "vulnerability_id": "VCID-j7v9-pfg1-v3c7", "summary": "Mozilla developers Emil Ghitta, Tyson Smith, Valentin Gosu, Olli Pettay, and Randell Jesup reported memory safety bugs present in Firefox 89 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.69115", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.69088", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.69128", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.69137", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.6913", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982014", "reference_id": "1982014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982014" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29976" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j7v9-pfg1-v3c7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1325?format=api", "vulnerability_id": "VCID-jpj8-5u2e-4ycf", "summary": "When delegating navigations to the operating system, Thunderbird would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode.\n*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61406", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61383", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.6143", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61437", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61423", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38492" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002118", "reference_id": "2002118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002118" }, { "reference_url": "https://security.archlinux.org/AVG-2351", "reference_id": "AVG-2351", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2351" }, { "reference_url": "https://security.archlinux.org/AVG-2353", "reference_id": "AVG-2353", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2353" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38", "reference_id": "mfsa2021-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39", "reference_id": "mfsa2021-39", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40", "reference_id": "mfsa2021-40", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41", "reference_id": "mfsa2021-41", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42", "reference_id": "mfsa2021-42", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38492" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jpj8-5u2e-4ycf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1320?format=api", "vulnerability_id": "VCID-maga-jq3w-1bfk", "summary": "Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory safety bugs present in Firefox 88 and Firefox ESR 78.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29967.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29967.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58821", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58791", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58838", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58844", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58836", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966831", "reference_id": "1966831", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966831" }, { "reference_url": "https://security.archlinux.org/ASA-202106-22", "reference_id": "ASA-202106-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-22" }, { "reference_url": "https://security.archlinux.org/ASA-202106-3", "reference_id": "ASA-202106-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-3" }, { "reference_url": "https://security.archlinux.org/AVG-2018", "reference_id": "AVG-2018", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2018" }, { "reference_url": "https://security.archlinux.org/AVG-2035", "reference_id": "AVG-2035", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2035" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23", "reference_id": "mfsa2021-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24", "reference_id": "mfsa2021-24", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26", "reference_id": "mfsa2021-26", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2206", "reference_id": "RHSA-2021:2206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2208", "reference_id": "RHSA-2021:2208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2214", "reference_id": "RHSA-2021:2214", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2214" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2233", "reference_id": "RHSA-2021:2233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2261", "reference_id": "RHSA-2021:2261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2262", "reference_id": "RHSA-2021:2262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2263", "reference_id": "RHSA-2021:2263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2264", "reference_id": "RHSA-2021:2264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2264" }, { "reference_url": "https://usn.ubuntu.com/4978-1/", "reference_id": "USN-4978-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4978-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29967" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-maga-jq3w-1bfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1261?format=api", "vulnerability_id": "VCID-mv47-mh43-wfg1", "summary": "A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug only affected Firefox when accessibility was enabled.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29970.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29970.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.008", "scoring_system": "epss", "scoring_elements": "0.74399", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.008", "scoring_system": "epss", "scoring_elements": "0.74391", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.008", "scoring_system": "epss", "scoring_elements": "0.74423", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.008", "scoring_system": "epss", "scoring_elements": "0.74428", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.008", "scoring_system": "epss", "scoring_elements": "0.74416", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982013", "reference_id": "1982013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982013" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29970" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mv47-mh43-wfg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1272?format=api", "vulnerability_id": "VCID-n657-bctg-1few", "summary": "Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.639", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63873", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63915", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63922", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63913", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992420", "reference_id": "1992420", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992420" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29984" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n657-bctg-1few" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1295?format=api", "vulnerability_id": "VCID-n78y-94vg-6kek", "summary": "Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38502.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38502.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.60069", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64524", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.6448", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64533", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64521", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013469", "reference_id": "2013469", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013469" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38502" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n78y-94vg-6kek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1301?format=api", "vulnerability_id": "VCID-ngd6-get5-bkda", "summary": "Mozilla developers and community members Kevin Brosnan, Mihai Alexandru Michis, and Christian Holler reported memory safety bugs present in Thunderbird 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38501", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.6643", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66411", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66452", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.6646", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66444", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38501" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011101", "reference_id": "2011101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011101" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38501" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngd6-get5-bkda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1258?format=api", "vulnerability_id": "VCID-ppcj-1ng5-53hq", "summary": "When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24002.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24002.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.58182", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.5815", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.582", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.58209", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.58197", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951369", "reference_id": "1951369", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951369" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-24002" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ppcj-1ng5-53hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1326?format=api", "vulnerability_id": "VCID-pq8z-akw6-cfad", "summary": "Mozilla developers Tyson Smith, Christian Holler, and Gabriele Svelto reported memory safety bugs present in Thunderbird 78.13.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38495.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38495.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67917", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67901", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67914", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67877", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67924", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38495" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002900", "reference_id": "2002900", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002900" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40", "reference_id": "mfsa2021-40", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41", "reference_id": "mfsa2021-41", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38495" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pq8z-akw6-cfad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1319?format=api", "vulnerability_id": "VCID-rkmm-7vbf-vych", "summary": "A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would processing incorrectly, leading to an out-of-bounds read.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29964", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5449", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54454", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54511", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54521", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29964" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966830", "reference_id": "1966830", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966830" }, { "reference_url": "https://security.archlinux.org/AVG-2019", "reference_id": "AVG-2019", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2019" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23", "reference_id": "mfsa2021-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24", "reference_id": "mfsa2021-24", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26", "reference_id": "mfsa2021-26", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29964" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkmm-7vbf-vych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1278?format=api", "vulnerability_id": "VCID-smj8-23ww-4qhq", "summary": "The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service.*Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29951.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29951.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65832", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.6582", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.6583", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65844", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67616", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29951" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961505", "reference_id": "1961505", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961505" }, { "reference_url": "https://security.archlinux.org/AVG-1914", "reference_id": "AVG-1914", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1914" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10", "reference_id": "mfsa2021-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-18", "reference_id": "mfsa2021-18", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-19", "reference_id": "mfsa2021-19", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29951" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-smj8-23ww-4qhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1298?format=api", "vulnerability_id": "VCID-tx7n-22r1-m7fh", "summary": "During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71094", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71076", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71119", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71125", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71108", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38498" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011099", "reference_id": "2011099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011099" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38498" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tx7n-22r1-m7fh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1291?format=api", "vulnerability_id": "VCID-unnb-hcmb-tqep", "summary": "By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56958", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56926", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56977", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56985", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56972", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019627", "reference_id": "2019627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019627" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38508" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-unnb-hcmb-tqep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1296?format=api", "vulnerability_id": "VCID-v22e-ctub-efbx", "summary": "During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.78287", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.78275", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.78301", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.78309", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.78298", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011097", "reference_id": "2011097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011097" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-44", "reference_id": "mfsa2021-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38496" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v22e-ctub-efbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1288?format=api", "vulnerability_id": "VCID-w3cg-uv84-q3g5", "summary": "Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00865", "scoring_system": "epss", "scoring_elements": "0.75478", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00865", "scoring_system": "epss", "scoring_elements": "0.75469", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00865", "scoring_system": "epss", "scoring_elements": "0.75498", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00865", "scoring_system": "epss", "scoring_elements": "0.75502", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00865", "scoring_system": "epss", "scoring_elements": "0.75492", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019624", "reference_id": "2019624", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019624" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-38506" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w3cg-uv84-q3g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1263?format=api", "vulnerability_id": "VCID-w6kt-w2ua-myfm", "summary": "An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02512", "scoring_system": "epss", "scoring_elements": "0.85673", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02512", "scoring_system": "epss", "scoring_elements": "0.85664", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02512", "scoring_system": "epss", "scoring_elements": "0.85686", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02512", "scoring_system": "epss", "scoring_elements": "0.85691", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02512", "scoring_system": "epss", "scoring_elements": "0.85688", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970109", "reference_id": "1970109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970109" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079", "reference_id": "990079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079" }, { "reference_url": "https://security.archlinux.org/ASA-202106-31", "reference_id": "ASA-202106-31", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-31" }, { "reference_url": "https://security.archlinux.org/ASA-202106-32", "reference_id": "ASA-202106-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-32" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2057", "reference_id": "AVG-2057", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2057" }, { "reference_url": "https://security.archlinux.org/AVG-2058", "reference_id": "AVG-2058", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2058" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-30547" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6kt-w2ua-myfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1271?format=api", "vulnerability_id": "VCID-wqye-9ny7-e7a3", "summary": "Thunderbird incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70438", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70417", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70458", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70467", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70449", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992419", "reference_id": "1992419", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992419" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29988" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqye-9ny7-e7a3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1373?format=api", "vulnerability_id": "VCID-wt46-dnb6-53g6", "summary": "OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29956.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25771", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32444", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32404", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32405", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32475", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961504", "reference_id": "1961504", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961504" }, { "reference_url": "https://security.archlinux.org/ASA-202105-29", "reference_id": "ASA-202105-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202105-29" }, { "reference_url": "https://security.archlinux.org/AVG-1964", "reference_id": "AVG-1964", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1964" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-22", "reference_id": "mfsa2021-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2261", "reference_id": "RHSA-2021:2261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2262", "reference_id": "RHSA-2021:2262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2263", "reference_id": "RHSA-2021:2263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2264", "reference_id": "RHSA-2021:2264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2264" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29956" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wt46-dnb6-53g6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1274?format=api", "vulnerability_id": "VCID-yny3-7vjj-kyga", "summary": "A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6172", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61692", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6174", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61747", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61735", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992422", "reference_id": "1992422", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992422" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-29985" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yny3-7vjj-kyga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1255?format=api", "vulnerability_id": "VCID-zjej-aua1-abbc", "summary": "Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23998.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23998.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.36998", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.36972", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37062", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37069", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37037", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951366", "reference_id": "1951366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951366" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-23998" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjej-aua1-abbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1256?format=api", "vulnerability_id": "VCID-zuvn-gw4m-47c9", "summary": "Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23961.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23961.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66378", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66349", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66399", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66407", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66392", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951367", "reference_id": "1951367", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951367" }, { "reference_url": "https://security.archlinux.org/ASA-202102-1", "reference_id": "ASA-202102-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-1" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1492", "reference_id": "AVG-1492", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1492" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202102-01", "reference_id": "GLSA-202102-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202102-01" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-03", "reference_id": "mfsa2021-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4717-1/", "reference_id": "USN-4717-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4717-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/306003?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2021-23961" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zuvn-gw4m-47c9" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=x86&distroversion=v3.22&reponame=community" }