Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/411900?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "type": "apk", "namespace": "alpine", "name": "thunderbird", "version": "91.3.2-r0", "qualifiers": { "arch": "armv7", "distroversion": "v3.21", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "91.4.0-r0", "latest_non_vulnerable_version": "128.5.0-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50232?format=api", "vulnerability_id": "VCID-1e61-jk2b-aubw", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23994.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23994.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57347", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57368", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57238", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57388", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57373", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57371", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.5732", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951364", "reference_id": "1951364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951364" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-23994" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1e61-jk2b-aubw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63204?format=api", "vulnerability_id": "VCID-1rj3-tt63-4yc1", "summary": "Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38497.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38497.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41705", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41672", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41657", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41896", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41831", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41924", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41851", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.419", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41911", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41935", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38497" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011098", "reference_id": "2011098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011098" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38497" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1rj3-tt63-4yc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50238?format=api", "vulnerability_id": "VCID-2cd3-m37k-5ydh", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29946.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29946.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37228", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37279", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37293", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37304", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3727", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37243", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37207", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37374", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.374", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951371", "reference_id": "1951371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951371" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29946" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2cd3-m37k-5ydh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63203?format=api", "vulnerability_id": "VCID-2k99-39yt-gkbe", "summary": "During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.77972", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.77937", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.77938", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81001", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.80992", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81025", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81023", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81051", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81058", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81076", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011097", "reference_id": "2011097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011097" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-44", "reference_id": "mfsa2021-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38496" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2k99-39yt-gkbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31123?format=api", "vulnerability_id": "VCID-2syj-hbw7-fkbp", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70073", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69994", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69971", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70019", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70059", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70043", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.7003", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69968", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.6998", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992419", "reference_id": "1992419", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992419" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29988" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2syj-hbw7-fkbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31118?format=api", "vulnerability_id": "VCID-3zwq-1hwc-3fgj", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69227", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69139", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69189", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69208", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.6923", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69215", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69187", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69121", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69137", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69158", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982014", "reference_id": "1982014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982014" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29976" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3zwq-1hwc-3fgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31119?format=api", "vulnerability_id": "VCID-4vt1-q4wj-87bm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6141", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61353", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61322", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61384", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6139", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61371", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61244", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61324", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992421", "reference_id": "1992421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992421" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29980" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4vt1-q4wj-87bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63211?format=api", "vulnerability_id": "VCID-5aga-y5nk-5fha", "summary": "A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would processing incorrectly, leading to an out-of-bounds read.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29964", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55499", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55491", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.5548", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55463", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55326", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55437", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55461", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.5544", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29964" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966830", "reference_id": "1966830", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966830" }, { "reference_url": "https://security.archlinux.org/AVG-2019", "reference_id": "AVG-2019", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2019" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23", "reference_id": "mfsa2021-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24", "reference_id": "mfsa2021-24", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26", "reference_id": "mfsa2021-26", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29964" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5aga-y5nk-5fha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31128?format=api", "vulnerability_id": "VCID-5qap-6r9b-6qbv", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38493.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38493.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.619", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61851", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61867", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61888", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61876", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61856", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61727", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61801", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61832", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61802", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38493" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002119", "reference_id": "2002119", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002119" }, { "reference_url": "https://security.archlinux.org/AVG-2344", "reference_id": "AVG-2344", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2344" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38", "reference_id": "mfsa2021-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39", "reference_id": "mfsa2021-39", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42", "reference_id": "mfsa2021-42", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3494", "reference_id": "RHSA-2021:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3495", "reference_id": "RHSA-2021:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3496", "reference_id": "RHSA-2021:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3497", "reference_id": "RHSA-2021:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3498", "reference_id": "RHSA-2021:3498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3498" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3499", "reference_id": "RHSA-2021:3499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3500", "reference_id": "RHSA-2021:3500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3501", "reference_id": "RHSA-2021:3501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3501" }, { "reference_url": "https://usn.ubuntu.com/5074-1/", "reference_id": "USN-5074-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5074-1/" }, { "reference_url": "https://usn.ubuntu.com/5146-1/", "reference_id": "USN-5146-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5146-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38493" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qap-6r9b-6qbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31117?format=api", "vulnerability_id": "VCID-66dg-7sm8-vbgx", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29970.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29970.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73003", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72911", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72949", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72963", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72968", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72962", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72905", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72916", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72936", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982013", "reference_id": "1982013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982013" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29970" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66dg-7sm8-vbgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63206?format=api", "vulnerability_id": "VCID-6fkp-5fzu-fydp", "summary": "Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Thunderbird 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38500.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38500.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.77972", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.77937", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0109", "scoring_system": "epss", "scoring_elements": "0.77938", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81001", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.80992", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81025", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81023", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81051", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81058", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0149", "scoring_system": "epss", "scoring_elements": "0.81076", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011100", "reference_id": "2011100", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011100" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-44", "reference_id": "mfsa2021-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38500" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fkp-5fzu-fydp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31129?format=api", "vulnerability_id": "VCID-74zp-pzc4-efhm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38495.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38495.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67928", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67916", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.6794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67926", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.6789", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67828", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67852", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67872", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67902", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38495" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002900", "reference_id": "2002900", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002900" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40", "reference_id": "mfsa2021-40", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41", "reference_id": "mfsa2021-41", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38495" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-74zp-pzc4-efhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31127?format=api", "vulnerability_id": "VCID-7fvy-7hpe-kbej", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61103", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61061", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61081", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61094", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.60938", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61073", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61057", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61009", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61044", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61015", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38492" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002118", "reference_id": "2002118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002118" }, { "reference_url": "https://security.archlinux.org/AVG-2351", "reference_id": "AVG-2351", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2351" }, { "reference_url": "https://security.archlinux.org/AVG-2353", "reference_id": "AVG-2353", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2353" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38", "reference_id": "mfsa2021-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39", "reference_id": "mfsa2021-39", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40", "reference_id": "mfsa2021-40", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41", "reference_id": "mfsa2021-41", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42", "reference_id": "mfsa2021-42", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38492" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7fvy-7hpe-kbej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50212?format=api", "vulnerability_id": "VCID-8fu2-5gxg-ekhy", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23961.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23961.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70369", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.7027", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70315", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.7033", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70353", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70325", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70264", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70276", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70294", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951367", "reference_id": "1951367", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951367" }, { "reference_url": "https://security.archlinux.org/ASA-202102-1", "reference_id": "ASA-202102-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-1" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1492", "reference_id": "AVG-1492", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1492" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202102-01", "reference_id": "GLSA-202102-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202102-01" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-03", "reference_id": "mfsa2021-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4717-1/", "reference_id": "USN-4717-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4717-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-23961" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fu2-5gxg-ekhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63242?format=api", "vulnerability_id": "VCID-9kc8-k5kc-u7em", "summary": "Firefox incorrectly accepted a newline in a HTTP/3 header, interpreting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29991.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29991.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29991", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56725", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56869", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56872", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.5688", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.5686", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56838", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56819", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.5684", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56816", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56868", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29991" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995267", "reference_id": "1995267", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995267" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.archlinux.org/AVG-2301", "reference_id": "AVG-2301", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2301" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-37", "reference_id": "mfsa2021-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-37" }, { "reference_url": "https://usn.ubuntu.com/5047-1/", "reference_id": "USN-5047-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5047-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29991" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9kc8-k5kc-u7em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63207?format=api", "vulnerability_id": "VCID-9y48-sjn7-rqeu", "summary": "Mozilla developers and community members Kevin Brosnan, Mihai Alexandru Michis, and Christian Holler reported memory safety bugs present in Thunderbird 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38501", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66236", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66231", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.662", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71341", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71334", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.7136", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71333", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71374", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71387", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.7141", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38501" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011101", "reference_id": "2011101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011101" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38501" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9y48-sjn7-rqeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31122?format=api", "vulnerability_id": "VCID-a659-299u-byfb", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69141", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69075", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69055", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69105", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69124", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69147", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69131", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69102", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69036", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69053", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992417", "reference_id": "1992417", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992417" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29986" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a659-299u-byfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56489?format=api", "vulnerability_id": "VCID-b2py-tgw4-hqh8", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29948.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2178", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21813", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21908", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21868", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21811", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21945", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21998", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21764", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21841", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21897", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951381", "reference_id": "1951381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951381" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29948" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2py-tgw4-hqh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31134?format=api", "vulnerability_id": "VCID-b8c2-qrxm-sybt", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56279", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56284", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56294", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56705", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56736", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56726", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.62945", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63033", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63313", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019627", "reference_id": "2019627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019627" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38508" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b8c2-qrxm-sybt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31135?format=api", "vulnerability_id": "VCID-b911-qnc2-x3aj", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60757", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60742", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60782", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61122", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61163", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61142", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66858", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66896", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67244", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019628", "reference_id": "2019628", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019628" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38509" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b911-qnc2-x3aj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31131?format=api", "vulnerability_id": "VCID-c51s-yenc-4yab", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74085", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74117", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74091", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01301", "scoring_system": "epss", "scoring_elements": "0.79754", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01301", "scoring_system": "epss", "scoring_elements": "0.79731", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01301", "scoring_system": "epss", "scoring_elements": "0.79725", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82351", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82332", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82297", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019622", "reference_id": "2019622", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019622" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38504" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c51s-yenc-4yab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31130?format=api", "vulnerability_id": "VCID-ddem-1dt1-uff7", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.7781", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77861", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77826", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77841", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01405", "scoring_system": "epss", "scoring_elements": "0.8041", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01405", "scoring_system": "epss", "scoring_elements": "0.80404", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01405", "scoring_system": "epss", "scoring_elements": "0.80431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01405", "scoring_system": "epss", "scoring_elements": "0.8042", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019621", "reference_id": "2019621", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019621" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38503" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddem-1dt1-uff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31115?format=api", "vulnerability_id": "VCID-dedv-96fb-vyhp", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29967.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29967.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58531", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58515", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58521", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58538", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58519", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58499", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58386", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58471", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58491", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58463", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966831", "reference_id": "1966831", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966831" }, { "reference_url": "https://security.archlinux.org/ASA-202106-22", "reference_id": "ASA-202106-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-22" }, { "reference_url": "https://security.archlinux.org/ASA-202106-3", "reference_id": "ASA-202106-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-3" }, { "reference_url": "https://security.archlinux.org/AVG-2018", "reference_id": "AVG-2018", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2018" }, { "reference_url": "https://security.archlinux.org/AVG-2035", "reference_id": "AVG-2035", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2035" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23", "reference_id": "mfsa2021-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24", "reference_id": "mfsa2021-24", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26", "reference_id": "mfsa2021-26", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2206", "reference_id": "RHSA-2021:2206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2208", "reference_id": "RHSA-2021:2208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2214", "reference_id": "RHSA-2021:2214", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2214" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2233", "reference_id": "RHSA-2021:2233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2261", "reference_id": "RHSA-2021:2261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2262", "reference_id": "RHSA-2021:2262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2263", "reference_id": "RHSA-2021:2263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2264", "reference_id": "RHSA-2021:2264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2264" }, { "reference_url": "https://usn.ubuntu.com/4978-1/", "reference_id": "USN-4978-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4978-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29967" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dedv-96fb-vyhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50234?format=api", "vulnerability_id": "VCID-e38r-grgp-rfbn", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23998.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23998.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37275", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37215", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3728", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37291", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37257", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37229", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37195", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37361", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37387", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951366", "reference_id": "1951366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951366" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-23998" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e38r-grgp-rfbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31116?format=api", "vulnerability_id": "VCID-ea7p-189v-mqbq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29969.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29969.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60286", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60449", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60442", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60428", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60408", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60361", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60388", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60356", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60405", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60421", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982015", "reference_id": "1982015", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982015" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29969" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea7p-189v-mqbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63205?format=api", "vulnerability_id": "VCID-hhu1-cgcx-nfev", "summary": "During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50665", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50623", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50536", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50626", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50572", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50619", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72034", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71993", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38498" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011099", "reference_id": "2011099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011099" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38498" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhu1-cgcx-nfev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31133?format=api", "vulnerability_id": "VCID-jy6e-d578-nkcg", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64007", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64093", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64065", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67246", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67544", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67581", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67559", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67492", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019625", "reference_id": "2019625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019625" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38507" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jy6e-d578-nkcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63201?format=api", "vulnerability_id": "VCID-k4e4-363e-xyff", "summary": "Mozilla developers and community members Christian Holler, Valentin Gosu, and Andrew McCreight reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43534.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43534.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73172", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73182", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73202", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78883", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.81847", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.81874", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.8188", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.819", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019630", "reference_id": "2019630", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019630" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-43534" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k4e4-363e-xyff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31125?format=api", "vulnerability_id": "VCID-kat5-hy8e-skah", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66878", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66836", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66809", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66858", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66871", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66891", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66877", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66845", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66773", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66811", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29989" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992423", "reference_id": "1992423", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992423" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29989" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kat5-hy8e-skah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63199?format=api", "vulnerability_id": "VCID-khsw-jwtm-8faq", "summary": "A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78883", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.81874", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.8188", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.819", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.81847", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.81817", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.81827", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0163", "scoring_system": "epss", "scoring_elements": "0.8185", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019626", "reference_id": "2019626", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019626" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-43535" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khsw-jwtm-8faq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35138?format=api", "vulnerability_id": "VCID-mkyz-6v1k-wyen", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29987", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5421", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54203", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54199", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54249", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54231", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54129", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54147", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54151", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29987" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29987" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyz-6v1k-wyen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31132?format=api", "vulnerability_id": "VCID-n4kc-y37w-qkdk", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52992", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52943", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73634", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73647", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.7367", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75222", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75197", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75185", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019624", "reference_id": "2019624", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019624" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38506" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n4kc-y37w-qkdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35136?format=api", "vulnerability_id": "VCID-q5ch-b97k-k3hp", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59654", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59638", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5964", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59621", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59506", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5958", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59574", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59625", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29982" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29982" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5ch-b97k-k3hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63190?format=api", "vulnerability_id": "VCID-q77k-hc9g-9fhm", "summary": "The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service.*Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29951.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29951.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67306", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67287", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.673", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.6732", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67307", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67271", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67198", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67236", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29951" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961505", "reference_id": "1961505", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961505" }, { "reference_url": "https://security.archlinux.org/AVG-1914", "reference_id": "AVG-1914", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1914" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10", "reference_id": "mfsa2021-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-18", "reference_id": "mfsa2021-18", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-19", "reference_id": "mfsa2021-19", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29951" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q77k-hc9g-9fhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50233?format=api", "vulnerability_id": "VCID-qq5h-5k45-rycm", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23995.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23995.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.7742", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77337", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77368", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77377", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77404", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.7738", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77322", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77328", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77357", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951365", "reference_id": "1951365", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951365" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-23995" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qq5h-5k45-rycm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31121?format=api", "vulnerability_id": "VCID-qv8f-9y37-bbdk", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6141", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61353", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61322", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61384", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6139", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61371", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61244", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61324", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992422", "reference_id": "1992422", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992422" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29985" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qv8f-9y37-bbdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63198?format=api", "vulnerability_id": "VCID-t769-2t1u-57b6", "summary": "Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account.*This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57757", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57727", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57786", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57778", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.578", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57782", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57784", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.6336", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.633", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00444", "scoring_system": "epss", "scoring_elements": "0.63387", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38505" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019623", "reference_id": "2019623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019623" }, { "reference_url": "https://security.archlinux.org/AVG-2512", "reference_id": "AVG-2512", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2512" }, { "reference_url": "https://security.archlinux.org/AVG-2519", "reference_id": "AVG-2519", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2519" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38505" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t769-2t1u-57b6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31126?format=api", "vulnerability_id": "VCID-teh4-fmg6-53ab", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85455", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85431", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85358", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85435", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85436", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85422", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85413", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85392", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85389", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.8537", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970109", "reference_id": "1970109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970109" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079", "reference_id": "990079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079" }, { "reference_url": "https://security.archlinux.org/ASA-202106-31", "reference_id": "ASA-202106-31", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-31" }, { "reference_url": "https://security.archlinux.org/ASA-202106-32", "reference_id": "ASA-202106-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-32" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2057", "reference_id": "AVG-2057", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2057" }, { "reference_url": "https://security.archlinux.org/AVG-2058", "reference_id": "AVG-2058", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2058" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-30547" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-teh4-fmg6-53ab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50235?format=api", "vulnerability_id": "VCID-tjtk-gghp-1kdf", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23999.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23999.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35937", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35931", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35954", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3596", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35921", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35897", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35828", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.36018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.36049", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951368", "reference_id": "1951368", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951368" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-23999" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjtk-gghp-1kdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63232?format=api", "vulnerability_id": "VCID-vgf2-x49m-cqde", "summary": "If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29957.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29957.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53697", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.5382", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53815", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53798", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53783", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53718", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53717", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.5377", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53767", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961503", "reference_id": "1961503", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961503" }, { "reference_url": "https://security.archlinux.org/ASA-202105-29", "reference_id": "ASA-202105-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202105-29" }, { "reference_url": "https://security.archlinux.org/AVG-1964", "reference_id": "AVG-1964", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1964" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-22", "reference_id": "mfsa2021-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2261", "reference_id": "RHSA-2021:2261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2262", "reference_id": "RHSA-2021:2262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2263", "reference_id": "RHSA-2021:2263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2264", "reference_id": "RHSA-2021:2264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2264" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29957" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgf2-x49m-cqde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50236?format=api", "vulnerability_id": "VCID-vt2f-abwe-4ba2", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24002.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-24002.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63926", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63943", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63955", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63942", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63909", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63832", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63891", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63918", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951369", "reference_id": "1951369", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951369" }, { "reference_url": "https://security.archlinux.org/ASA-202104-3", "reference_id": "ASA-202104-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-3" }, { "reference_url": "https://security.archlinux.org/ASA-202104-4", "reference_id": "ASA-202104-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-4" }, { "reference_url": "https://security.archlinux.org/AVG-1834", "reference_id": "AVG-1834", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1834" }, { "reference_url": "https://security.archlinux.org/AVG-1836", "reference_id": "AVG-1836", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1836" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-24002" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vt2f-abwe-4ba2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38344?format=api", "vulnerability_id": "VCID-vtjf-sufh-p3h4", "summary": "crossbeam-deque Data Race before v0.7.4 and v0.8.1\n### Impact\n\nIn the affected version of this crate, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, this still can cause a logical bug.\n\nCrates using `Stealer::steal`, `Stealer::steal_batch`, or `Stealer::steal_batch_and_pop` are affected by this issue.\n\n### Patches\n\nThis has been fixed in crossbeam-deque 0.8.1 and 0.7.4.\n\n### Credits\n\nThis issue was reported and fixed by Maor Kleinberger.\n\n### License\n\nThis advisory is in the public domain.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77787", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77847", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.7782", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77815", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77804", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77777", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.7777", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78013", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.77979", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.7798", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32810" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/crossbeam-rs/crossbeam", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/crossbeam-rs/crossbeam" }, { "reference_url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32810" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0093.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0093.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990342", "reference_id": "1990342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990342" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993146", "reference_id": "993146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993146" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://github.com/advisories/GHSA-pqqp-xmhj-wgcw", "reference_id": "GHSA-pqqp-xmhj-wgcw", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pqqp-xmhj-wgcw" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-32810", "GHSA-pqqp-xmhj-wgcw" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vtjf-sufh-p3h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50237?format=api", "vulnerability_id": "VCID-vtwu-x1vt-x3bq", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61279", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61237", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61251", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61272", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61258", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61239", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61116", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61222", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951370", "reference_id": "1951370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951370" }, { "reference_url": "https://security.archlinux.org/AVG-1835", "reference_id": "AVG-1835", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1835" }, { "reference_url": "https://security.archlinux.org/AVG-1837", "reference_id": "AVG-1837", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1837" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14", "reference_id": "mfsa2021-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15", "reference_id": "mfsa2021-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16", "reference_id": "mfsa2021-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1350", "reference_id": "RHSA-2021:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1351", "reference_id": "RHSA-2021:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1352", "reference_id": "RHSA-2021:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1353", "reference_id": "RHSA-2021:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1360", "reference_id": "RHSA-2021:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1361", "reference_id": "RHSA-2021:1361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1362", "reference_id": "RHSA-2021:1362", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1363", "reference_id": "RHSA-2021:1363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1363" }, { "reference_url": "https://usn.ubuntu.com/4926-1/", "reference_id": "USN-4926-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4926-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29945" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vtwu-x1vt-x3bq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31120?format=api", "vulnerability_id": "VCID-w68x-99b7-7qgs", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.6358", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63562", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63546", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63595", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63583", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71375", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71349", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71357", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992420", "reference_id": "1992420", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992420" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29984" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w68x-99b7-7qgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63233?format=api", "vulnerability_id": "VCID-wzpf-nter-m3dv", "summary": "OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29956.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32857", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32901", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32924", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32861", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32987", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.33022", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32844", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32921", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961504", "reference_id": "1961504", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961504" }, { "reference_url": "https://security.archlinux.org/ASA-202105-29", "reference_id": "ASA-202105-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202105-29" }, { "reference_url": "https://security.archlinux.org/AVG-1964", "reference_id": "AVG-1964", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1964" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-22", "reference_id": "mfsa2021-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2261", "reference_id": "RHSA-2021:2261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2262", "reference_id": "RHSA-2021:2262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2263", "reference_id": "RHSA-2021:2263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2264", "reference_id": "RHSA-2021:2264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2264" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29956" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzpf-nter-m3dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35134?format=api", "vulnerability_id": "VCID-x8sj-apw2-e3h6", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63363", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63415", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63432", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6345", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63433", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6331", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6337", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29981" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-29981" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8sj-apw2-e3h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63200?format=api", "vulnerability_id": "VCID-yfmg-82tr-gfec", "summary": "The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38510", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64398", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64433", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64446", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64467", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64474", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64462", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0047", "scoring_system": "epss", "scoring_elements": "0.64535", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0047", "scoring_system": "epss", "scoring_elements": "0.64482", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0047", "scoring_system": "epss", "scoring_elements": "0.64564", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38510" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019629", "reference_id": "2019629", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019629" }, { "reference_url": "https://security.archlinux.org/AVG-2512", "reference_id": "AVG-2512", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2512" }, { "reference_url": "https://security.archlinux.org/AVG-2519", "reference_id": "AVG-2519", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2519" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38510" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yfmg-82tr-gfec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63202?format=api", "vulnerability_id": "VCID-zwz9-pt55-t3c6", "summary": "Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38502.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38502.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64057", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64176", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64168", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.6414", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64114", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64141", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.641", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64151", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64167", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64179", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013469", "reference_id": "2013469", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013469" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/411900?format=api", "purl": "pkg:apk/alpine/thunderbird@91.3.2-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-38502" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zwz9-pt55-t3c6" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.3.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community" }