Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox@94.0-1?distro=sid

Type deb

Namespace debian

Name firefox

Version 94.0-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 95.0-1

Latest_non_vulnerable_version 150.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2v3a-jr55-ybbj

vulnerability_id VCID-2v3a-jr55-ybbj

summary The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one that contained an authentication token used to takeover a user account. If a website tricked a user into copy and pasting the image link back to the page, the page would be able to steal the authentication tokens. This was fixed by making the action return the original URL, before any redirects.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43532

reference_id

reference_type

scores

value	0.00148
scoring_system	epss
scoring_elements	0.35198
published_at	2026-04-21T12:55:00Z

value	0.00148
scoring_system	epss
scoring_elements	0.35247
published_at	2026-04-12T12:55:00Z

value	0.00148
scoring_system	epss
scoring_elements	0.35223
published_at	2026-04-13T12:55:00Z

value	0.00148
scoring_system	epss
scoring_elements	0.35262
published_at	2026-04-16T12:55:00Z

value	0.00148
scoring_system	epss
scoring_elements	0.35248
published_at	2026-04-18T12:55:00Z

value	0.00148
scoring_system	epss
scoring_elements	0.3521
published_at	2026-04-07T12:55:00Z

value	0.00148
scoring_system	epss
scoring_elements	0.35254
published_at	2026-04-08T12:55:00Z

value	0.00148
scoring_system	epss
scoring_elements	0.3528
published_at	2026-04-09T12:55:00Z

value	0.00148
scoring_system	epss
scoring_elements	0.35283
published_at	2026-04-11T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45267
published_at	2026-04-01T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45349
published_at	2026-04-02T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45369
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43532

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-43532

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2v3a-jr55-ybbj

url VCID-5tg2-vh52-5yhc

vulnerability_id VCID-5tg2-vh52-5yhc

summary When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should have access to. This was fixed to provide the pre-redirect URL. This is related to CVE-2021-43532 but in the context of Web Extensions.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43531

reference_id

reference_type

scores

value	0.00085
scoring_system	epss
scoring_elements	0.24683
published_at	2026-04-21T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24754
published_at	2026-04-12T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24698
published_at	2026-04-13T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24712
published_at	2026-04-16T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24704
published_at	2026-04-18T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24667
published_at	2026-04-07T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24735
published_at	2026-04-08T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24782
published_at	2026-04-09T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24795
published_at	2026-04-11T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33582
published_at	2026-04-01T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33913
published_at	2026-04-02T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33945
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43531

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-43531

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tg2-vh52-5yhc

url VCID-b8c2-qrxm-sybt

vulnerability_id VCID-b8c2-qrxm-sybt

summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38508

reference_id

reference_type

scores

value	0.00334
scoring_system	epss
scoring_elements	0.56279
published_at	2026-04-08T12:55:00Z

value	0.00334
scoring_system	epss
scoring_elements	0.56284
published_at	2026-04-09T12:55:00Z

value	0.00334
scoring_system	epss
scoring_elements	0.56294
published_at	2026-04-11T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56726
published_at	2026-04-12T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56734
published_at	2026-04-18T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56707
published_at	2026-04-21T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56736
published_at	2026-04-16T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56705
published_at	2026-04-13T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63033
published_at	2026-04-04T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.62945
published_at	2026-04-01T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63004
published_at	2026-04-02T12:55:00Z

value	0.00443
scoring_system	epss
scoring_elements	0.63313
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019627
reference_id	2019627
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019627

reference_url	https://security.archlinux.org/ASA-202111-2
reference_id	ASA-202111-2
reference_type
scores
url	https://security.archlinux.org/ASA-202111-2

reference_url	https://security.archlinux.org/ASA-202111-3
reference_id	ASA-202111-3
reference_type
scores
url	https://security.archlinux.org/ASA-202111-3

reference_url

https://security.archlinux.org/AVG-2511

reference_id

AVG-2511

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2511

reference_url

https://security.archlinux.org/AVG-2518

reference_id

AVG-2518

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2518

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url	https://security.gentoo.org/glsa/202208-14
reference_id	GLSA-202208-14
reference_type
scores
url	https://security.gentoo.org/glsa/202208-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_id

mfsa2021-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_id

mfsa2021-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_url	https://access.redhat.com/errata/RHSA-2021:4116
reference_id	RHSA-2021:4116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4116

reference_url	https://access.redhat.com/errata/RHSA-2021:4123
reference_id	RHSA-2021:4123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4123

reference_url	https://access.redhat.com/errata/RHSA-2021:4130
reference_id	RHSA-2021:4130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4130

reference_url	https://access.redhat.com/errata/RHSA-2021:4132
reference_id	RHSA-2021:4132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4132

reference_url	https://access.redhat.com/errata/RHSA-2021:4133
reference_id	RHSA-2021:4133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4133

reference_url	https://access.redhat.com/errata/RHSA-2021:4134
reference_id	RHSA-2021:4134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4134

reference_url	https://access.redhat.com/errata/RHSA-2021:4605
reference_id	RHSA-2021:4605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4605

reference_url	https://access.redhat.com/errata/RHSA-2021:4607
reference_id	RHSA-2021:4607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4607

reference_url	https://usn.ubuntu.com/5131-1/
reference_id	USN-5131-1
reference_type
scores
url	https://usn.ubuntu.com/5131-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-38508

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8c2-qrxm-sybt

url VCID-b911-qnc2-x3aj

vulnerability_id VCID-b911-qnc2-x3aj

summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38509

reference_id

reference_type

scores

value	0.00401
scoring_system	epss
scoring_elements	0.60782
published_at	2026-04-11T12:55:00Z

value	0.00401
scoring_system	epss
scoring_elements	0.60742
published_at	2026-04-08T12:55:00Z

value	0.00401
scoring_system	epss
scoring_elements	0.60757
published_at	2026-04-09T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61142
published_at	2026-04-12T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61169
published_at	2026-04-18T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61151
published_at	2026-04-21T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61163
published_at	2026-04-16T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61122
published_at	2026-04-13T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66922
published_at	2026-04-04T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66896
published_at	2026-04-02T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66858
published_at	2026-04-01T12:55:00Z

value	0.00532
scoring_system	epss
scoring_elements	0.67244
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019628
reference_id	2019628
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019628

reference_url	https://security.archlinux.org/ASA-202111-2
reference_id	ASA-202111-2
reference_type
scores
url	https://security.archlinux.org/ASA-202111-2

reference_url	https://security.archlinux.org/ASA-202111-3
reference_id	ASA-202111-3
reference_type
scores
url	https://security.archlinux.org/ASA-202111-3

reference_url

https://security.archlinux.org/AVG-2511

reference_id

AVG-2511

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2511

reference_url

https://security.archlinux.org/AVG-2518

reference_id

AVG-2518

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2518

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url	https://security.gentoo.org/glsa/202208-14
reference_id	GLSA-202208-14
reference_type
scores
url	https://security.gentoo.org/glsa/202208-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_id

mfsa2021-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_id

mfsa2021-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_url	https://access.redhat.com/errata/RHSA-2021:4116
reference_id	RHSA-2021:4116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4116

reference_url	https://access.redhat.com/errata/RHSA-2021:4123
reference_id	RHSA-2021:4123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4123

reference_url	https://access.redhat.com/errata/RHSA-2021:4130
reference_id	RHSA-2021:4130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4130

reference_url	https://access.redhat.com/errata/RHSA-2021:4132
reference_id	RHSA-2021:4132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4132

reference_url	https://access.redhat.com/errata/RHSA-2021:4133
reference_id	RHSA-2021:4133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4133

reference_url	https://access.redhat.com/errata/RHSA-2021:4134
reference_id	RHSA-2021:4134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4134

reference_url	https://access.redhat.com/errata/RHSA-2021:4605
reference_id	RHSA-2021:4605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4605

reference_url	https://access.redhat.com/errata/RHSA-2021:4607
reference_id	RHSA-2021:4607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4607

reference_url	https://usn.ubuntu.com/5131-1/
reference_id	USN-5131-1
reference_type
scores
url	https://usn.ubuntu.com/5131-1/

reference_url	https://usn.ubuntu.com/5152-1/
reference_id	USN-5152-1
reference_type
scores
url	https://usn.ubuntu.com/5152-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-38509

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b911-qnc2-x3aj

url VCID-c51s-yenc-4yab

vulnerability_id VCID-c51s-yenc-4yab

summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38504

reference_id

reference_type

scores

value	0.00805
scoring_system	epss
scoring_elements	0.74085
published_at	2026-04-01T12:55:00Z

value	0.00805
scoring_system	epss
scoring_elements	0.74117
published_at	2026-04-04T12:55:00Z

value	0.00805
scoring_system	epss
scoring_elements	0.74091
published_at	2026-04-02T12:55:00Z

value	0.01301
scoring_system	epss
scoring_elements	0.79758
published_at	2026-04-21T12:55:00Z

value	0.01301
scoring_system	epss
scoring_elements	0.79731
published_at	2026-04-12T12:55:00Z

value	0.01301
scoring_system	epss
scoring_elements	0.79725
published_at	2026-04-13T12:55:00Z

value	0.01301
scoring_system	epss
scoring_elements	0.79754
published_at	2026-04-16T12:55:00Z

value	0.01301
scoring_system	epss
scoring_elements	0.79755
published_at	2026-04-18T12:55:00Z

value	0.01711
scoring_system	epss
scoring_elements	0.82351
published_at	2026-04-11T12:55:00Z

value	0.01711
scoring_system	epss
scoring_elements	0.82297
published_at	2026-04-07T12:55:00Z

value	0.01711
scoring_system	epss
scoring_elements	0.82324
published_at	2026-04-08T12:55:00Z

value	0.01711
scoring_system	epss
scoring_elements	0.82332
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019622
reference_id	2019622
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019622

reference_url	https://security.archlinux.org/ASA-202111-2
reference_id	ASA-202111-2
reference_type
scores
url	https://security.archlinux.org/ASA-202111-2

reference_url	https://security.archlinux.org/ASA-202111-3
reference_id	ASA-202111-3
reference_type
scores
url	https://security.archlinux.org/ASA-202111-3

reference_url

https://security.archlinux.org/AVG-2511

reference_id

AVG-2511

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2511

reference_url

https://security.archlinux.org/AVG-2518

reference_id

AVG-2518

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2518

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url	https://security.gentoo.org/glsa/202208-14
reference_id	GLSA-202208-14
reference_type
scores
url	https://security.gentoo.org/glsa/202208-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_id

mfsa2021-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_id

mfsa2021-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_url	https://access.redhat.com/errata/RHSA-2021:4116
reference_id	RHSA-2021:4116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4116

reference_url	https://access.redhat.com/errata/RHSA-2021:4123
reference_id	RHSA-2021:4123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4123

reference_url	https://access.redhat.com/errata/RHSA-2021:4130
reference_id	RHSA-2021:4130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4130

reference_url	https://access.redhat.com/errata/RHSA-2021:4132
reference_id	RHSA-2021:4132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4132

reference_url	https://access.redhat.com/errata/RHSA-2021:4133
reference_id	RHSA-2021:4133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4133

reference_url	https://access.redhat.com/errata/RHSA-2021:4134
reference_id	RHSA-2021:4134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4134

reference_url	https://access.redhat.com/errata/RHSA-2021:4605
reference_id	RHSA-2021:4605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4605

reference_url	https://access.redhat.com/errata/RHSA-2021:4607
reference_id	RHSA-2021:4607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4607

reference_url	https://usn.ubuntu.com/5131-1/
reference_id	USN-5131-1
reference_type
scores
url	https://usn.ubuntu.com/5131-1/

reference_url	https://usn.ubuntu.com/5152-1/
reference_id	USN-5152-1
reference_type
scores
url	https://usn.ubuntu.com/5152-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-38504

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c51s-yenc-4yab

url VCID-ddem-1dt1-uff7

vulnerability_id VCID-ddem-1dt1-uff7

summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38503

reference_id

reference_type

scores

value	0.01079
scoring_system	epss
scoring_elements	0.7781
published_at	2026-04-08T12:55:00Z

value	0.01079
scoring_system	epss
scoring_elements	0.77815
published_at	2026-04-09T12:55:00Z

value	0.01079
scoring_system	epss
scoring_elements	0.77854
published_at	2026-04-21T12:55:00Z

value	0.01079
scoring_system	epss
scoring_elements	0.77861
published_at	2026-04-16T12:55:00Z

value	0.01079
scoring_system	epss
scoring_elements	0.77825
published_at	2026-04-13T12:55:00Z

value	0.01079
scoring_system	epss
scoring_elements	0.77826
published_at	2026-04-12T12:55:00Z

value	0.01079
scoring_system	epss
scoring_elements	0.77841
published_at	2026-04-11T12:55:00Z

value	0.01079
scoring_system	epss
scoring_elements	0.7786
published_at	2026-04-18T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80431
published_at	2026-04-04T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80404
published_at	2026-04-01T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.8041
published_at	2026-04-02T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.8042
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019621
reference_id	2019621
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019621

reference_url	https://security.archlinux.org/ASA-202111-2
reference_id	ASA-202111-2
reference_type
scores
url	https://security.archlinux.org/ASA-202111-2

reference_url	https://security.archlinux.org/ASA-202111-3
reference_id	ASA-202111-3
reference_type
scores
url	https://security.archlinux.org/ASA-202111-3

reference_url

https://security.archlinux.org/AVG-2511

reference_id

AVG-2511

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2511

reference_url

https://security.archlinux.org/AVG-2518

reference_id

AVG-2518

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2518

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url	https://security.gentoo.org/glsa/202208-14
reference_id	GLSA-202208-14
reference_type
scores
url	https://security.gentoo.org/glsa/202208-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_id

mfsa2021-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_id

mfsa2021-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_url	https://access.redhat.com/errata/RHSA-2021:4116
reference_id	RHSA-2021:4116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4116

reference_url	https://access.redhat.com/errata/RHSA-2021:4123
reference_id	RHSA-2021:4123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4123

reference_url	https://access.redhat.com/errata/RHSA-2021:4130
reference_id	RHSA-2021:4130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4130

reference_url	https://access.redhat.com/errata/RHSA-2021:4132
reference_id	RHSA-2021:4132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4132

reference_url	https://access.redhat.com/errata/RHSA-2021:4133
reference_id	RHSA-2021:4133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4133

reference_url	https://access.redhat.com/errata/RHSA-2021:4134
reference_id	RHSA-2021:4134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4134

reference_url	https://access.redhat.com/errata/RHSA-2021:4605
reference_id	RHSA-2021:4605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4605

reference_url	https://access.redhat.com/errata/RHSA-2021:4607
reference_id	RHSA-2021:4607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4607

reference_url	https://usn.ubuntu.com/5131-1/
reference_id	USN-5131-1
reference_type
scores
url	https://usn.ubuntu.com/5131-1/

reference_url	https://usn.ubuntu.com/5152-1/
reference_id	USN-5152-1
reference_type
scores
url	https://usn.ubuntu.com/5152-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-38503

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ddem-1dt1-uff7

url VCID-j2qz-wqhk-yfb6

vulnerability_id VCID-j2qz-wqhk-yfb6

summary A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code.*This bug only affects Firefox for Android. Other operating systems are unaffected.*

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43530

reference_id

reference_type

scores

value	0.06043
scoring_system	epss
scoring_elements	0.90749
published_at	2026-04-21T12:55:00Z

value	0.06043
scoring_system	epss
scoring_elements	0.90737
published_at	2026-04-12T12:55:00Z

value	0.06043
scoring_system	epss
scoring_elements	0.90734
published_at	2026-04-13T12:55:00Z

value	0.06043
scoring_system	epss
scoring_elements	0.90753
published_at	2026-04-16T12:55:00Z

value	0.06043
scoring_system	epss
scoring_elements	0.90751
published_at	2026-04-18T12:55:00Z

value	0.06043
scoring_system	epss
scoring_elements	0.90712
published_at	2026-04-07T12:55:00Z

value	0.06043
scoring_system	epss
scoring_elements	0.90723
published_at	2026-04-08T12:55:00Z

value	0.06043
scoring_system	epss
scoring_elements	0.90728
published_at	2026-04-09T12:55:00Z

value	0.06043
scoring_system	epss
scoring_elements	0.90738
published_at	2026-04-11T12:55:00Z

value	0.07071
scoring_system	epss
scoring_elements	0.91468
published_at	2026-04-01T12:55:00Z

value	0.07071
scoring_system	epss
scoring_elements	0.91475
published_at	2026-04-02T12:55:00Z

value	0.07071
scoring_system	epss
scoring_elements	0.91481
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43530

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-43530

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2qz-wqhk-yfb6

url VCID-jy6e-d578-nkcg

vulnerability_id VCID-jy6e-d578-nkcg

summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38507

reference_id

reference_type

scores

value	0.00459
scoring_system	epss
scoring_elements	0.64007
published_at	2026-04-01T12:55:00Z

value	0.00459
scoring_system	epss
scoring_elements	0.64093
published_at	2026-04-04T12:55:00Z

value	0.00459
scoring_system	epss
scoring_elements	0.64065
published_at	2026-04-02T12:55:00Z

value	0.00531
scoring_system	epss
scoring_elements	0.67272
published_at	2026-04-21T12:55:00Z

value	0.00531
scoring_system	epss
scoring_elements	0.67281
published_at	2026-04-16T12:55:00Z

value	0.00531
scoring_system	epss
scoring_elements	0.67246
published_at	2026-04-13T12:55:00Z

value	0.00531
scoring_system	epss
scoring_elements	0.67293
published_at	2026-04-18T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67559
published_at	2026-04-09T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67581
published_at	2026-04-11T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67492
published_at	2026-04-07T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67544
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019625
reference_id	2019625
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019625

reference_url	https://security.archlinux.org/ASA-202111-2
reference_id	ASA-202111-2
reference_type
scores
url	https://security.archlinux.org/ASA-202111-2

reference_url	https://security.archlinux.org/ASA-202111-3
reference_id	ASA-202111-3
reference_type
scores
url	https://security.archlinux.org/ASA-202111-3

reference_url

https://security.archlinux.org/AVG-2511

reference_id

AVG-2511

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2511

reference_url

https://security.archlinux.org/AVG-2518

reference_id

AVG-2518

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2518

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url	https://security.gentoo.org/glsa/202208-14
reference_id	GLSA-202208-14
reference_type
scores
url	https://security.gentoo.org/glsa/202208-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_id

mfsa2021-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_id

mfsa2021-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_url	https://access.redhat.com/errata/RHSA-2021:4116
reference_id	RHSA-2021:4116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4116

reference_url	https://access.redhat.com/errata/RHSA-2021:4123
reference_id	RHSA-2021:4123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4123

reference_url	https://access.redhat.com/errata/RHSA-2021:4130
reference_id	RHSA-2021:4130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4130

reference_url	https://access.redhat.com/errata/RHSA-2021:4132
reference_id	RHSA-2021:4132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4132

reference_url	https://access.redhat.com/errata/RHSA-2021:4133
reference_id	RHSA-2021:4133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4133

reference_url	https://access.redhat.com/errata/RHSA-2021:4134
reference_id	RHSA-2021:4134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4134

reference_url	https://access.redhat.com/errata/RHSA-2021:4605
reference_id	RHSA-2021:4605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4605

reference_url	https://access.redhat.com/errata/RHSA-2021:4607
reference_id	RHSA-2021:4607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4607

reference_url	https://usn.ubuntu.com/5131-1/
reference_id	USN-5131-1
reference_type
scores
url	https://usn.ubuntu.com/5131-1/

reference_url	https://usn.ubuntu.com/5152-1/
reference_id	USN-5152-1
reference_type
scores
url	https://usn.ubuntu.com/5152-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-38507

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jy6e-d578-nkcg

url VCID-k4e4-363e-xyff

vulnerability_id VCID-k4e4-363e-xyff

summary Mozilla developers and community members Christian Holler, Valentin Gosu, and Andrew McCreight reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43534.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43534.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43534

reference_id

reference_type

scores

value	0.00754
scoring_system	epss
scoring_elements	0.73182
published_at	2026-04-02T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73202
published_at	2026-04-04T12:55:00Z

value	0.00754
scoring_system	epss
scoring_elements	0.73172
published_at	2026-04-01T12:55:00Z

value	0.01193
scoring_system	epss
scoring_elements	0.7888
published_at	2026-04-18T12:55:00Z

value	0.01193
scoring_system	epss
scoring_elements	0.78883
published_at	2026-04-16T12:55:00Z

value	0.01193
scoring_system	epss
scoring_elements	0.78864
published_at	2026-04-12T12:55:00Z

value	0.01193
scoring_system	epss
scoring_elements	0.78854
published_at	2026-04-13T12:55:00Z

value	0.01193
scoring_system	epss
scoring_elements	0.78877
published_at	2026-04-21T12:55:00Z

value	0.0163
scoring_system	epss
scoring_elements	0.81874
published_at	2026-04-08T12:55:00Z

value	0.0163
scoring_system	epss
scoring_elements	0.81847
published_at	2026-04-07T12:55:00Z

value	0.0163
scoring_system	epss
scoring_elements	0.8188
published_at	2026-04-09T12:55:00Z

value	0.0163
scoring_system	epss
scoring_elements	0.819
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019630
reference_id	2019630
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019630

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_id

mfsa2021-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_id

mfsa2021-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_url	https://access.redhat.com/errata/RHSA-2021:4116
reference_id	RHSA-2021:4116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4116

reference_url	https://access.redhat.com/errata/RHSA-2021:4123
reference_id	RHSA-2021:4123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4123

reference_url	https://access.redhat.com/errata/RHSA-2021:4130
reference_id	RHSA-2021:4130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4130

reference_url	https://access.redhat.com/errata/RHSA-2021:4132
reference_id	RHSA-2021:4132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4132

reference_url	https://access.redhat.com/errata/RHSA-2021:4133
reference_id	RHSA-2021:4133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4133

reference_url	https://access.redhat.com/errata/RHSA-2021:4134
reference_id	RHSA-2021:4134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4134

reference_url	https://access.redhat.com/errata/RHSA-2021:4605
reference_id	RHSA-2021:4605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4605

reference_url	https://access.redhat.com/errata/RHSA-2021:4607
reference_id	RHSA-2021:4607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4607

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-43534

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4e4-363e-xyff

url VCID-n4kc-y37w-qkdk

vulnerability_id VCID-n4kc-y37w-qkdk

summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38506

reference_id

reference_type

scores

value	0.00297
scoring_system	epss
scoring_elements	0.52992
published_at	2026-04-04T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.52943
published_at	2026-04-01T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.52968
published_at	2026-04-02T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73599
published_at	2026-04-07T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73634
published_at	2026-04-08T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73647
published_at	2026-04-09T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.7367
published_at	2026-04-11T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75219
published_at	2026-04-21T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75197
published_at	2026-04-12T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75185
published_at	2026-04-13T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75222
published_at	2026-04-16T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75228
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019624
reference_id	2019624
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019624

reference_url	https://security.archlinux.org/ASA-202111-2
reference_id	ASA-202111-2
reference_type
scores
url	https://security.archlinux.org/ASA-202111-2

reference_url	https://security.archlinux.org/ASA-202111-3
reference_id	ASA-202111-3
reference_type
scores
url	https://security.archlinux.org/ASA-202111-3

reference_url

https://security.archlinux.org/AVG-2511

reference_id

AVG-2511

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2511

reference_url

https://security.archlinux.org/AVG-2518

reference_id

AVG-2518

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2518

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url	https://security.gentoo.org/glsa/202208-14
reference_id	GLSA-202208-14
reference_type
scores
url	https://security.gentoo.org/glsa/202208-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_id

mfsa2021-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_id

mfsa2021-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-50

reference_url	https://access.redhat.com/errata/RHSA-2021:4116
reference_id	RHSA-2021:4116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4116

reference_url	https://access.redhat.com/errata/RHSA-2021:4123
reference_id	RHSA-2021:4123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4123

reference_url	https://access.redhat.com/errata/RHSA-2021:4130
reference_id	RHSA-2021:4130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4130

reference_url	https://access.redhat.com/errata/RHSA-2021:4132
reference_id	RHSA-2021:4132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4132

reference_url	https://access.redhat.com/errata/RHSA-2021:4133
reference_id	RHSA-2021:4133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4133

reference_url	https://access.redhat.com/errata/RHSA-2021:4134
reference_id	RHSA-2021:4134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4134

reference_url	https://access.redhat.com/errata/RHSA-2021:4605
reference_id	RHSA-2021:4605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4605

reference_url	https://access.redhat.com/errata/RHSA-2021:4607
reference_id	RHSA-2021:4607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4607

reference_url	https://usn.ubuntu.com/5131-1/
reference_id	USN-5131-1
reference_type
scores
url	https://usn.ubuntu.com/5131-1/

reference_url	https://usn.ubuntu.com/5152-1/
reference_id	USN-5152-1
reference_type
scores
url	https://usn.ubuntu.com/5152-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-38506

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n4kc-y37w-qkdk

url VCID-z29z-sf3c-3ubb

vulnerability_id VCID-z29z-sf3c-3ubb

summary When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43533

reference_id

reference_type

scores

value	0.00186
scoring_system	epss
scoring_elements	0.40276
published_at	2026-04-21T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40393
published_at	2026-04-11T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40356
published_at	2026-04-12T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40336
published_at	2026-04-13T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40352
published_at	2026-04-18T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40319
published_at	2026-04-07T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.4037
published_at	2026-04-08T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40382
published_at	2026-04-16T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51707
published_at	2026-04-01T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51756
published_at	2026-04-02T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51782
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43533

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

reference_id

mfsa2021-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-48

fixed_packages

url	pkg:deb/debian/firefox@94.0-1?distro=sid
purl	pkg:deb/debian/firefox@94.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2021-43533

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z29z-sf3c-3ubb

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid

Package Instance