Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/371196?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "type": "alpm", "namespace": "archlinux", "name": "firefox", "version": "88.0-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "89.0.1-1", "latest_non_vulnerable_version": "101.0-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63218?format=api", "vulnerability_id": "VCID-ndp1-5bhw-8kau", "summary": "When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48566", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48638", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48685", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48681", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48629", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48582", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48636", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48632", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.4865", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48623", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29952" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961494", "reference_id": "1961494", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961494" }, { "reference_url": "https://security.archlinux.org/ASA-202105-5", "reference_id": "ASA-202105-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202105-5" }, { "reference_url": "https://security.archlinux.org/AVG-1917", "reference_id": "AVG-1917", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1917" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-20", "reference_id": "mfsa2021-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-20" }, { "reference_url": "https://usn.ubuntu.com/4942-1/", "reference_id": "USN-4942-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4942-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372050?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kfj-m46a-bkd9" }, { "vulnerability": "VCID-2vy5-zebk-1bgk" }, { "vulnerability": "VCID-5aga-y5nk-5fha" }, { "vulnerability": "VCID-7knr-6rqg-8kcw" }, { "vulnerability": "VCID-dedv-96fb-vyhp" }, { "vulnerability": "VCID-s9ss-vz54-j3ha" }, { "vulnerability": "VCID-sbyn-4c25-h7gz" }, { "vulnerability": "VCID-vysb-zn1g-tuf5" }, { "vulnerability": "VCID-y2pv-1tm3-nqak" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0.1-1" } ], "aliases": [ "CVE-2021-29952" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ndp1-5bhw-8kau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63217?format=api", "vulnerability_id": "VCID-qm3n-zmh9-afgy", "summary": "By triggering multiple pop-up prompts containing javascript: URLs, a malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29953.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29953.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60103", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60262", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60268", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60275", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.6018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60205", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60174", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60223", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60259", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60228", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29953" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961493", "reference_id": "1961493", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961493" }, { "reference_url": "https://security.archlinux.org/AVG-1918", "reference_id": "AVG-1918", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1918" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-20", "reference_id": "mfsa2021-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-20" } ], "fixed_packages": [], "aliases": [ "CVE-2021-29953" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qm3n-zmh9-afgy" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50232?format=api", "vulnerability_id": "VCID-1e61-jk2b-aubw", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23994.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23994.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57347", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57368", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57238", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57388", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57373", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57371", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.5732", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951364", "reference_id": "1951364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951364" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-23994" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1e61-jk2b-aubw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50238?format=api", "vulnerability_id": "VCID-2cd3-m37k-5ydh", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29946.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29946.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37218", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37293", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37304", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3727", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37243", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37272", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37207", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37374", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.374", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37228", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37279", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951371", "reference_id": "1951371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951371" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-29946" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2cd3-m37k-5ydh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63193?format=api", "vulnerability_id": "VCID-7ddz-65jt-pudk", "summary": "Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23997", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42519", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42483", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42539", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42599", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42584", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42554", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42583", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42521", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42573", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42582", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42604", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42567", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23997" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-23997" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ddz-65jt-pudk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63195?format=api", "vulnerability_id": "VCID-8jkx-ad5d-e7cd", "summary": "A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50528", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.5041", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50546", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50551", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50466", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50448", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50502", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50499", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50541", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50518", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50503", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24001" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-24001" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jkx-ad5d-e7cd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50234?format=api", "vulnerability_id": "VCID-e38r-grgp-rfbn", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23998.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23998.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37204", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3728", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37291", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37257", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37229", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37275", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37195", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37361", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37387", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37215", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951366", "reference_id": "1951366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951366" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-23998" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e38r-grgp-rfbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63194?format=api", "vulnerability_id": "VCID-e6xd-fmsu-jkgn", "summary": "A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type=\"file\">) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46253", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46184", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46256", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46313", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46309", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46226", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46245", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46193", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46249", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46251", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46274", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46246", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24000" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-24000" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6xd-fmsu-jkgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63197?format=api", "vulnerability_id": "VCID-ebus-cbbm-u3dn", "summary": "Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward, Christian Holler reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57367", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57236", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57366", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57345", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57372", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57318", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57341", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57371", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57386", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29947" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-29947" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebus-cbbm-u3dn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50233?format=api", "vulnerability_id": "VCID-qq5h-5k45-rycm", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23995.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23995.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77412", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77368", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77377", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77404", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.7738", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.7742", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77322", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77328", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77357", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77337", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951365", "reference_id": "1951365", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951365" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-23995" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qq5h-5k45-rycm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63192?format=api", "vulnerability_id": "VCID-rmzq-gwbe-qyba", "summary": "By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50528", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.5041", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50546", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50551", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50466", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50448", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50502", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50499", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50541", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50518", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50503", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23996" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-23996" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmzq-gwbe-qyba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50235?format=api", "vulnerability_id": "VCID-tjtk-gghp-1kdf", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23999.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23999.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35874", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35954", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3596", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35921", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35897", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35937", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35924", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35828", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.36018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.36049", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35931", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951368", "reference_id": "1951368", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951368" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-23999" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjtk-gghp-1kdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50236?format=api", "vulnerability_id": "VCID-vt2f-abwe-4ba2", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24002.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24002.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63954", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63926", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63943", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63955", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63942", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63909", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63944", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63832", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63891", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63918", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63875", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951369", "reference_id": "1951369", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951369" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371196?format=api", "purl": "pkg:alpm/archlinux/firefox@88.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ndp1-5bhw-8kau" }, { "vulnerability": "VCID-qm3n-zmh9-afgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" } ], "aliases": [ "CVE-2021-24002" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vt2f-abwe-4ba2" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1" }