Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/74056?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "type": "ebuild", "namespace": "www-client", "name": "firefox-bin", "version": "97.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "102.3.0", "latest_non_vulnerable_version": "137.0.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31161?format=api", "vulnerability_id": "VCID-1phe-59fw-9qdt", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22739.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63432", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63468", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63483", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63466", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039573", "reference_id": "2039573", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039573" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:32:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:32:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:32:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1744158", "reference_id": "show_bug.cgi?id=1744158", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:32:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1744158" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22739" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1phe-59fw-9qdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35159?format=api", "vulnerability_id": "VCID-2rzn-8a6r-5fhs", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54613", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54705", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58482", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58504", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58501", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58445", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58498", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43540" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43540" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2rzn-8a6r-5fhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31123?format=api", "vulnerability_id": "VCID-2syj-hbw7-fkbp", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.7003", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70043", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70059", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69968", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70019", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69971", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69994", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.6998", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992419", "reference_id": "1992419", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992419" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29988" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2syj-hbw7-fkbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31147?format=api", "vulnerability_id": "VCID-2vyc-yhw7-muea", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58791", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58865", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62514", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63022", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62974", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63025", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63041", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63058", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63044", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030115", "reference_id": "2030115", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030115" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43546" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vyc-yhw7-muea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31118?format=api", "vulnerability_id": "VCID-3zwq-1hwc-3fgj", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69187", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69158", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69139", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69189", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69208", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.6923", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69215", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69121", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69137", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982014", "reference_id": "1982014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982014" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29976" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3zwq-1hwc-3fgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31119?format=api", "vulnerability_id": "VCID-4vt1-q4wj-87bm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61371", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6139", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61244", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61384", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61322", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61353", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61324", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992421", "reference_id": "1992421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992421" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29980" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4vt1-q4wj-87bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35139?format=api", "vulnerability_id": "VCID-51b4-ba7r-qucd", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6331", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63432", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6345", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63433", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6337", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63363", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63415", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29990" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29990" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51b4-ba7r-qucd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31128?format=api", "vulnerability_id": "VCID-5qap-6r9b-6qbv", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38493.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38493.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61856", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61802", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61851", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61867", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61888", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61876", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61727", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61801", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61832", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38493" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002119", "reference_id": "2002119", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002119" }, { "reference_url": "https://security.archlinux.org/AVG-2344", "reference_id": "AVG-2344", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2344" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38", "reference_id": "mfsa2021-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39", "reference_id": "mfsa2021-39", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42", "reference_id": "mfsa2021-42", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3494", "reference_id": "RHSA-2021:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3495", "reference_id": "RHSA-2021:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3496", "reference_id": "RHSA-2021:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3497", "reference_id": "RHSA-2021:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3498", "reference_id": "RHSA-2021:3498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3498" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3499", "reference_id": "RHSA-2021:3499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3500", "reference_id": "RHSA-2021:3500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3501", "reference_id": "RHSA-2021:3501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3501" }, { "reference_url": "https://usn.ubuntu.com/5074-1/", "reference_id": "USN-5074-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5074-1/" }, { "reference_url": "https://usn.ubuntu.com/5146-1/", "reference_id": "USN-5146-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5146-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38493" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qap-6r9b-6qbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31117?format=api", "vulnerability_id": "VCID-66dg-7sm8-vbgx", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29970.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29970.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72962", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72936", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72911", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72949", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72963", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72968", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72905", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.72916", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982013", "reference_id": "1982013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982013" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29970" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66dg-7sm8-vbgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31170?format=api", "vulnerability_id": "VCID-6f7n-yr9x-8fbw", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.6726", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67295", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67308", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67275", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67247", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67224", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039574", "reference_id": "2039574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039574" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664149%2C1737816%2C1739366%2C1740274%2C1740797%2C1741201%2C1741869%2C1743221%2C1743515%2C1745373%2C1746011", "reference_id": "buglist.cgi?bug_id=1664149%2C1737816%2C1739366%2C1740274%2C1740797%2C1741201%2C1741869%2C1743221%2C1743515%2C1745373%2C1746011", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:49:31Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664149%2C1737816%2C1739366%2C1740274%2C1740797%2C1741201%2C1741869%2C1743221%2C1743515%2C1745373%2C1746011" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22751" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6f7n-yr9x-8fbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35172?format=api", "vulnerability_id": "VCID-71rh-2xhf-euf8", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58914", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58811", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58885", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58926", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58932", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5895", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58933", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58907", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0511" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-0511" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-71rh-2xhf-euf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31143?format=api", "vulnerability_id": "VCID-7458-uqdr-5fg7", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53783", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53829", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.53802", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55272", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55248", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55298", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55299", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55311", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.5529", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030111", "reference_id": "2030111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030111" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43541" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7458-uqdr-5fg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31129?format=api", "vulnerability_id": "VCID-74zp-pzc4-efhm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38495.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38495.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.6789", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67902", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67916", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.6794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67926", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67828", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67852", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00548", "scoring_system": "epss", "scoring_elements": "0.67872", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38495" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002900", "reference_id": "2002900", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002900" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40", "reference_id": "mfsa2021-40", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41", "reference_id": "mfsa2021-41", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38495" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-74zp-pzc4-efhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31171?format=api", "vulnerability_id": "VCID-89kx-fdvr-73cs", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22754.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22754.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09123", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09153", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09152", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09043", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0907", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09121", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053236", "reference_id": "2053236", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053236" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:44:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:44:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:44:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0510", "reference_id": "RHSA-2022:0510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0511", "reference_id": "RHSA-2022:0511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0512", "reference_id": "RHSA-2022:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0513", "reference_id": "RHSA-2022:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0514", "reference_id": "RHSA-2022:0514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0535", "reference_id": "RHSA-2022:0535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0536", "reference_id": "RHSA-2022:0536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0537", "reference_id": "RHSA-2022:0537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0538", "reference_id": "RHSA-2022:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0539", "reference_id": "RHSA-2022:0539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0539" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1750565", "reference_id": "show_bug.cgi?id=1750565", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:44:24Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1750565" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22754" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-89kx-fdvr-73cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35250?format=api", "vulnerability_id": "VCID-8dfd-mq2b-bqg5", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22757", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4108", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41097", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41128", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41055", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41131", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22757" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:31:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1720098", "reference_id": "show_bug.cgi?id=1720098", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:31:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1720098" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22757" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8dfd-mq2b-bqg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31159?format=api", "vulnerability_id": "VCID-8enx-7aa9-cqd3", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22737.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22737.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60371", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.6039", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60404", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60383", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60367", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.6035", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60318", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039567", "reference_id": "2039567", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039567" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:08:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:08:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:08:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745874", "reference_id": "show_bug.cgi?id=1745874", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:08:04Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745874" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22737" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8enx-7aa9-cqd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35120?format=api", "vulnerability_id": "VCID-8v6f-5kdt-9qam", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29974", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.5998", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60117", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60139", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60124", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60058", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60083", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60053", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60103", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29974" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29974" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8v6f-5kdt-9qam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31122?format=api", "vulnerability_id": "VCID-a659-299u-byfb", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69102", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69131", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69147", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69036", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69124", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69105", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69055", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69075", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69053", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992417", "reference_id": "1992417", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992417" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29986" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a659-299u-byfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35236?format=api", "vulnerability_id": "VCID-b828-9v26-aqbv", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.7335", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.73307", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.73304", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.7334", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.73354", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.73378", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.73357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00761", "scoring_system": "epss", "scoring_elements": "0.73331", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22755" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:40:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309630", "reference_id": "show_bug.cgi?id=1309630", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:40:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309630" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22755" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b828-9v26-aqbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31134?format=api", "vulnerability_id": "VCID-b8c2-qrxm-sybt", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56284", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56279", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56294", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56726", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56705", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.62945", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63033", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63313", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019627", "reference_id": "2019627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019627" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38508" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b8c2-qrxm-sybt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31135?format=api", "vulnerability_id": "VCID-b911-qnc2-x3aj", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60757", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60742", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60782", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61142", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61122", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66896", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66858", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67244", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019628", "reference_id": "2019628", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019628" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38509" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b911-qnc2-x3aj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31145?format=api", "vulnerability_id": "VCID-bqyj-qnak-eydy", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43543.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43543.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64168", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64156", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.6409", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.6414", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64157", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69693", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69681", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030113", "reference_id": "2030113", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030113" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43543" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bqyj-qnak-eydy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35119?format=api", "vulnerability_id": "VCID-bxgd-f6n7-r3cj", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29972", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64455", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64372", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64479", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64495", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64483", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64415", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64464", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29972" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29972" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bxgd-f6n7-r3cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31131?format=api", "vulnerability_id": "VCID-c51s-yenc-4yab", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74085", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74117", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74091", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01301", "scoring_system": "epss", "scoring_elements": "0.79725", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01301", "scoring_system": "epss", "scoring_elements": "0.79731", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82351", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82332", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82297", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019622", "reference_id": "2019622", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019622" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38504" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c51s-yenc-4yab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31165?format=api", "vulnerability_id": "VCID-d194-2uh4-pug1", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22743.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22743.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62289", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62311", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62238", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62321", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62284", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62268", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62234", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039561", "reference_id": "2039561", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039561" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:30:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:30:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:30:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1739220", "reference_id": "show_bug.cgi?id=1739220", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:30:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1739220" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22743" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d194-2uh4-pug1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35125?format=api", "vulnerability_id": "VCID-d34y-zjxp-9ugj", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64455", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64372", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64479", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64495", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64483", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64415", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64464", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29977" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29977" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d34y-zjxp-9ugj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31166?format=api", "vulnerability_id": "VCID-d9vf-maye-6ff7", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64419", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64448", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64394", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.6446", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64447", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64432", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64423", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64383", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039570", "reference_id": "2039570", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039570" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:02:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:02:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:02:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735856", "reference_id": "show_bug.cgi?id=1735856", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:02:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735856" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22745" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d9vf-maye-6ff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31130?format=api", "vulnerability_id": "VCID-ddem-1dt1-uff7", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.7781", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77826", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01079", "scoring_system": "epss", "scoring_elements": "0.77841", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01405", "scoring_system": "epss", "scoring_elements": "0.8041", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01405", "scoring_system": "epss", "scoring_elements": "0.80404", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01405", "scoring_system": "epss", "scoring_elements": "0.80431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01405", "scoring_system": "epss", "scoring_elements": "0.8042", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019621", "reference_id": "2019621", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019621" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38503" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddem-1dt1-uff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31179?format=api", "vulnerability_id": "VCID-eyrw-5dmv-pqfe", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22764.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47042", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4699", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47023", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47038", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47065", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47041", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053243", "reference_id": "2053243", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053243" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1742682%2C1744165%2C1746545%2C1748210%2C1748279", "reference_id": "buglist.cgi?bug_id=1742682%2C1744165%2C1746545%2C1748210%2C1748279", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:28:33Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1742682%2C1744165%2C1746545%2C1748210%2C1748279" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:28:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:28:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:28:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0510", "reference_id": "RHSA-2022:0510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0511", "reference_id": "RHSA-2022:0511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0512", "reference_id": "RHSA-2022:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0513", "reference_id": "RHSA-2022:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0514", "reference_id": "RHSA-2022:0514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0535", "reference_id": "RHSA-2022:0535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0536", "reference_id": "RHSA-2022:0536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0537", "reference_id": "RHSA-2022:0537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0538", "reference_id": "RHSA-2022:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0539", "reference_id": "RHSA-2022:0539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0539" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22764" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eyrw-5dmv-pqfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31174?format=api", "vulnerability_id": "VCID-fa1y-hpcb-27gj", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43392", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43407", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43389", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43438", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.4342", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43406", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43416", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43355", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053238", "reference_id": "2053238", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053238" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0510", "reference_id": "RHSA-2022:0510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0511", "reference_id": "RHSA-2022:0511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0512", "reference_id": "RHSA-2022:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0513", "reference_id": "RHSA-2022:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0514", "reference_id": "RHSA-2022:0514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0535", "reference_id": "RHSA-2022:0535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0536", "reference_id": "RHSA-2022:0536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0537", "reference_id": "RHSA-2022:0537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0538", "reference_id": "RHSA-2022:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0539", "reference_id": "RHSA-2022:0539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0539" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1740985", "reference_id": "show_bug.cgi?id=1740985", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1740985" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1748503", "reference_id": "show_bug.cgi?id=1748503", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1748503" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22760" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fa1y-hpcb-27gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31160?format=api", "vulnerability_id": "VCID-hn17-6nvj-9qfw", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22738.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22738.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66403", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66434", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66368", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66446", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66426", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66412", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66394", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66364", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039566", "reference_id": "2039566", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039566" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:06:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:06:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:06:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1742382", "reference_id": "show_bug.cgi?id=1742382", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:06:50Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1742382" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22738" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hn17-6nvj-9qfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31177?format=api", "vulnerability_id": "VCID-jj6t-1q5f-uyez", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22763.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22763.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62506", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62473", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62548", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62559", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62541", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053240", "reference_id": "2053240", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053240" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:29:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:29:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:29:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0510", "reference_id": "RHSA-2022:0510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0511", "reference_id": "RHSA-2022:0511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0512", "reference_id": "RHSA-2022:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0513", "reference_id": "RHSA-2022:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0514", "reference_id": "RHSA-2022:0514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0535", "reference_id": "RHSA-2022:0535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0536", "reference_id": "RHSA-2022:0536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0537", "reference_id": "RHSA-2022:0537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0538", "reference_id": "RHSA-2022:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0539", "reference_id": "RHSA-2022:0539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0539" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1740534", "reference_id": "show_bug.cgi?id=1740534", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:29:50Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1740534" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22763" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jj6t-1q5f-uyez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31133?format=api", "vulnerability_id": "VCID-jy6e-d578-nkcg", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64007", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64093", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64065", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67246", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67281", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67544", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67581", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67559", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67492", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019625", "reference_id": "2019625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019625" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38507" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jy6e-d578-nkcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31125?format=api", "vulnerability_id": "VCID-kat5-hy8e-skah", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66845", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66877", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66891", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66773", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66871", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66858", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66809", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66836", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66811", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29989" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992423", "reference_id": "1992423", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992423" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29989" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kat5-hy8e-skah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31176?format=api", "vulnerability_id": "VCID-kpk1-e652-nkfa", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22761.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22761.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51446", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51499", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51457", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51459", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51419", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51465", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51478", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053239", "reference_id": "2053239", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053239" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:33:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:33:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:33:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0510", "reference_id": "RHSA-2022:0510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0511", "reference_id": "RHSA-2022:0511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0512", "reference_id": "RHSA-2022:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0513", "reference_id": "RHSA-2022:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0514", "reference_id": "RHSA-2022:0514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0535", "reference_id": "RHSA-2022:0535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0536", "reference_id": "RHSA-2022:0536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0537", "reference_id": "RHSA-2022:0537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0538", "reference_id": "RHSA-2022:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0539", "reference_id": "RHSA-2022:0539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0539" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745566", "reference_id": "show_bug.cgi?id=1745566", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:33:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745566" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22761" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kpk1-e652-nkfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35138?format=api", "vulnerability_id": "VCID-mkyz-6v1k-wyen", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29987", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5421", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54203", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54199", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54249", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54231", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54129", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54147", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54151", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29987" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29987" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyz-6v1k-wyen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35228?format=api", "vulnerability_id": "VCID-mqte-f1hw-2ya5", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61374", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61427", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61405", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6139", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61393", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61412", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22753" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053241", "reference_id": "2053241", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053241" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1732435", "reference_id": "show_bug.cgi?id=1732435", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1732435" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22753" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqte-f1hw-2ya5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31162?format=api", "vulnerability_id": "VCID-mzbp-5r6m-27cm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22740.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22740.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50417", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.5044", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50374", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50399", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50406", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50403", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50353", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039565", "reference_id": "2039565", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039565" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:31:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:31:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:31:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1742334", "reference_id": "show_bug.cgi?id=1742334", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:31:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1742334" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22740" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mzbp-5r6m-27cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31132?format=api", "vulnerability_id": "VCID-n4kc-y37w-qkdk", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52992", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52943", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73634", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73647", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.7367", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75197", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019624", "reference_id": "2019624", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019624" }, { "reference_url": "https://security.archlinux.org/ASA-202111-2", "reference_id": "ASA-202111-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-2" }, { "reference_url": "https://security.archlinux.org/ASA-202111-3", "reference_id": "ASA-202111-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202111-3" }, { "reference_url": "https://security.archlinux.org/AVG-2511", "reference_id": "AVG-2511", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2511" }, { "reference_url": "https://security.archlinux.org/AVG-2518", "reference_id": "AVG-2518", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2518" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4116", "reference_id": "RHSA-2021:4116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4123", "reference_id": "RHSA-2021:4123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4130", "reference_id": "RHSA-2021:4130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4132", "reference_id": "RHSA-2021:4132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4133", "reference_id": "RHSA-2021:4133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4134", "reference_id": "RHSA-2021:4134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4605", "reference_id": "RHSA-2021:4605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4607", "reference_id": "RHSA-2021:4607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4607" }, { "reference_url": "https://usn.ubuntu.com/5131-1/", "reference_id": "USN-5131-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5131-1/" }, { "reference_url": "https://usn.ubuntu.com/5152-1/", "reference_id": "USN-5152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5152-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38506" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n4kc-y37w-qkdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31114?format=api", "vulnerability_id": "VCID-n796-xf5e-pucq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4140.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18397", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18188", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18344", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19942", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19862", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20016", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19996", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19913", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039568", "reference_id": "2039568", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039568" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:55:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:55:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:55:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1746720", "reference_id": "show_bug.cgi?id=1746720", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:55:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1746720" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-4140" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n796-xf5e-pucq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31172?format=api", "vulnerability_id": "VCID-q4bf-vh36-kye9", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22756.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50354", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.5039", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50348", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50355", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50302", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50325", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50352", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50366", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053237", "reference_id": "2053237", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053237" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0510", "reference_id": "RHSA-2022:0510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0511", "reference_id": "RHSA-2022:0511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0512", "reference_id": "RHSA-2022:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0513", "reference_id": "RHSA-2022:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0514", "reference_id": "RHSA-2022:0514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0535", "reference_id": "RHSA-2022:0535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0536", "reference_id": "RHSA-2022:0536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0537", "reference_id": "RHSA-2022:0537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0538", "reference_id": "RHSA-2022:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0539", "reference_id": "RHSA-2022:0539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0539" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1317873", "reference_id": "show_bug.cgi?id=1317873", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1317873" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22756" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4bf-vh36-kye9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35136?format=api", "vulnerability_id": "VCID-q5ch-b97k-k3hp", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59621", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59625", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59638", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5964", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59506", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5958", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59574", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29982" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29982" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5ch-b97k-k3hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31142?format=api", "vulnerability_id": "VCID-qd4e-g5zv-1ucf", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43539.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43539.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.76578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.76555", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.76537", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.76569", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.7658", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.76606", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.76585", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.76522", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00967", "scoring_system": "epss", "scoring_elements": "0.76527", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030110", "reference_id": "2030110", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030110" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43539" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qd4e-g5zv-1ucf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31169?format=api", "vulnerability_id": "VCID-qgvp-4eea-bkgm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22748.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22748.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63432", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63467", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63483", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63466", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039569", "reference_id": "2039569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039569" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:55:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:55:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:55:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1705211", "reference_id": "show_bug.cgi?id=1705211", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:55:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1705211" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22748" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgvp-4eea-bkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31121?format=api", "vulnerability_id": "VCID-qv8f-9y37-bbdk", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61371", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6139", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61244", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61384", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61322", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61353", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61324", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992422", "reference_id": "1992422", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992422" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29985" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qv8f-9y37-bbdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31146?format=api", "vulnerability_id": "VCID-rq11-qm9e-7ubk", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45021", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46336", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46286", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46346", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46365", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46341", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69636", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69624", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030114", "reference_id": "2030114", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030114" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43545" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rq11-qm9e-7ubk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31126?format=api", "vulnerability_id": "VCID-teh4-fmg6-53ab", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85431", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85435", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85358", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85436", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85422", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85413", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85392", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.8537", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02527", "scoring_system": "epss", "scoring_elements": "0.85389", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970109", "reference_id": "1970109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970109" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079", "reference_id": "990079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079" }, { "reference_url": "https://security.archlinux.org/ASA-202106-31", "reference_id": "ASA-202106-31", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-31" }, { "reference_url": "https://security.archlinux.org/ASA-202106-32", "reference_id": "ASA-202106-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-32" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/ASA-202107-21", "reference_id": "ASA-202107-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-21" }, { "reference_url": "https://security.archlinux.org/AVG-2057", "reference_id": "AVG-2057", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2057" }, { "reference_url": "https://security.archlinux.org/AVG-2058", "reference_id": "AVG-2058", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2058" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.archlinux.org/AVG-2152", "reference_id": "AVG-2152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2152" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29", "reference_id": "mfsa2021-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30", "reference_id": "mfsa2021-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2740", "reference_id": "RHSA-2021:2740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2741", "reference_id": "RHSA-2021:2741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2742", "reference_id": "RHSA-2021:2742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2743", "reference_id": "RHSA-2021:2743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2881", "reference_id": "RHSA-2021:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2882", "reference_id": "RHSA-2021:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2883", "reference_id": "RHSA-2021:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2914", "reference_id": "RHSA-2021:2914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2914" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-30547" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-teh4-fmg6-53ab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31141?format=api", "vulnerability_id": "VCID-utn7-mdgr-z7em", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43538.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51009", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50951", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51005", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51047", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51026", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50915", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50968", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030109", "reference_id": "2030109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030109" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43538" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-utn7-mdgr-z7em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31139?format=api", "vulnerability_id": "VCID-vc9x-hjtc-q3f1", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.65979", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.6605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66021", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68351", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68302", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68353", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.6837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68384", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030105", "reference_id": "2030105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030105" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43536" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vc9x-hjtc-q3f1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35121?format=api", "vulnerability_id": "VCID-vx1t-x168-4bb8", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.5998", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60117", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60139", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60124", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60058", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60083", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60053", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60103", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29975" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202107-20", "reference_id": "ASA-202107-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-20" }, { "reference_url": "https://security.archlinux.org/AVG-2148", "reference_id": "AVG-2148", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2148" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28", "reference_id": "mfsa2021-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28" }, { "reference_url": "https://usn.ubuntu.com/5011-1/", "reference_id": "USN-5011-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5011-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29975" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vx1t-x168-4bb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35292?format=api", "vulnerability_id": "VCID-vy64-w5qh-duhp", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5251", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52451", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52446", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52498", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52543", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52527", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52479", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22762" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:31:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743931", "reference_id": "show_bug.cgi?id=1743931", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:31:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743931" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22762" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vy64-w5qh-duhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31120?format=api", "vulnerability_id": "VCID-w68x-99b7-7qgs", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63546", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63562", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63595", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.6358", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71357", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71349", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00673", "scoring_system": "epss", "scoring_elements": "0.71375", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992420", "reference_id": "1992420", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992420" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2270", "reference_id": "AVG-2270", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2270" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34", "reference_id": "mfsa2021-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35", "reference_id": "mfsa2021-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3154", "reference_id": "RHSA-2021:3154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3155", "reference_id": "RHSA-2021:3155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3156", "reference_id": "RHSA-2021:3156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3157", "reference_id": "RHSA-2021:3157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3159", "reference_id": "RHSA-2021:3159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3160", "reference_id": "RHSA-2021:3160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3161", "reference_id": "RHSA-2021:3161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3162", "reference_id": "RHSA-2021:3162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3162" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5058-1/", "reference_id": "USN-5058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5058-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29984" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w68x-99b7-7qgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35134?format=api", "vulnerability_id": "VCID-x8sj-apw2-e3h6", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63363", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63415", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63432", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6345", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63433", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6331", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6337", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29981" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202108-14", "reference_id": "ASA-202108-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202108-14" }, { "reference_url": "https://security.archlinux.org/AVG-2269", "reference_id": "AVG-2269", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2269" }, { "reference_url": "https://security.archlinux.org/AVG-2291", "reference_id": "AVG-2291", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2291" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33", "reference_id": "mfsa2021-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36", "reference_id": "mfsa2021-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-36" }, { "reference_url": "https://usn.ubuntu.com/5037-1/", "reference_id": "USN-5037-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5037-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-29981" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8sj-apw2-e3h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35258?format=api", "vulnerability_id": "VCID-xa7t-851a-efey", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35781", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35832", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35854", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35861", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35821", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35951", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22758" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:26:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1728742", "reference_id": "show_bug.cgi?id=1728742", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:26:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1728742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22758" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xa7t-851a-efey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31163?format=api", "vulnerability_id": "VCID-xp3b-fyfq-xbbq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22741.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64302", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64331", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64281", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64342", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64329", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64315", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64309", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64266", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039564", "reference_id": "2039564", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039564" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:29:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:29:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:29:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1740389", "reference_id": "show_bug.cgi?id=1740389", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:29:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1740389" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22741" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xp3b-fyfq-xbbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31140?format=api", "vulnerability_id": "VCID-xud3-4s7g-rkcv", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43537.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67212", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67274", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.6725", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68236", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68243", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68258", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68282", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.6827", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030106", "reference_id": "2030106", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030106" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43537" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xud3-4s7g-rkcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31173?format=api", "vulnerability_id": "VCID-y12a-2bn1-vkdz", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22759.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22759.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22759", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49907", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49914", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49859", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.4988", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49898", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49897", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053242", "reference_id": "2053242", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053242" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:36:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:36:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:36:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0510", "reference_id": "RHSA-2022:0510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0511", "reference_id": "RHSA-2022:0511", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0512", "reference_id": "RHSA-2022:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0513", "reference_id": "RHSA-2022:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0514", "reference_id": "RHSA-2022:0514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0535", "reference_id": "RHSA-2022:0535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0536", "reference_id": "RHSA-2022:0536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0537", "reference_id": "RHSA-2022:0537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0538", "reference_id": "RHSA-2022:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0539", "reference_id": "RHSA-2022:0539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0539" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1739957", "reference_id": "show_bug.cgi?id=1739957", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:36:47Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1739957" }, { "reference_url": "https://usn.ubuntu.com/5284-1/", "reference_id": "USN-5284-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5284-1/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22759" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y12a-2bn1-vkdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31168?format=api", "vulnerability_id": "VCID-y43f-tmvr-hqas", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22747.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22747.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32419", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32446", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32582", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32546", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32454", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039572", "reference_id": "2039572", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039572" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735028", "reference_id": "show_bug.cgi?id=1735028", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735028" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" }, { "reference_url": "https://usn.ubuntu.com/5506-1/", "reference_id": "USN-5506-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5506-1/" }, { "reference_url": "https://usn.ubuntu.com/5872-1/", "reference_id": "USN-5872-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5872-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22747" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y43f-tmvr-hqas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31164?format=api", "vulnerability_id": "VCID-y7wn-9j43-jba3", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22742.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22742.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.54893", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.54916", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.54878", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.54934", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.54922", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.54923", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.54904", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.54873", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039563", "reference_id": "2039563", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039563" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:28:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:28:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:28:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0123", "reference_id": "RHSA-2022:0123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0124", "reference_id": "RHSA-2022:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0125", "reference_id": "RHSA-2022:0125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0126", "reference_id": "RHSA-2022:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0127", "reference_id": "RHSA-2022:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0128", "reference_id": "RHSA-2022:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0129", "reference_id": "RHSA-2022:0129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0130", "reference_id": "RHSA-2022:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0131", "reference_id": "RHSA-2022:0131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0132", "reference_id": "RHSA-2022:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0132" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1739923", "reference_id": "show_bug.cgi?id=1739923", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:28:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1739923" }, { "reference_url": "https://usn.ubuntu.com/5229-1/", "reference_id": "USN-5229-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5229-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2022-22742" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y7wn-9j43-jba3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31144?format=api", "vulnerability_id": "VCID-yuex-f2ae-ffft", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43542.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43542.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70094", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70121", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70106", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.70998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.7095", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.70992", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71007", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.7103", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71014", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030112", "reference_id": "2030112", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030112" }, { "reference_url": "https://security.archlinux.org/ASA-202112-8", "reference_id": "ASA-202112-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-8" }, { "reference_url": "https://security.archlinux.org/ASA-202112-9", "reference_id": "ASA-202112-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202112-9" }, { "reference_url": "https://security.archlinux.org/AVG-2606", "reference_id": "AVG-2606", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2606" }, { "reference_url": "https://security.archlinux.org/AVG-2608", "reference_id": "AVG-2608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2608" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5186-1/", "reference_id": "USN-5186-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5186-1/" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-43542" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yuex-f2ae-ffft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31113?format=api", "vulnerability_id": "VCID-z19z-zu3b-5khe", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4129.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4129.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52738", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52762", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54123", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54222", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54173", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54204", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54184", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030116", "reference_id": "2030116", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030116" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421", "reference_id": "buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-52" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2021-52/", "reference_id": "mfsa2021-52", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-52/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-53" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2021-53/", "reference_id": "mfsa2021-53", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-53/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-54" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2021-54/", "reference_id": "mfsa2021-54", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-54/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5013", "reference_id": "RHSA-2021:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5014", "reference_id": "RHSA-2021:5014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5015", "reference_id": "RHSA-2021:5015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5016", "reference_id": "RHSA-2021:5016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5017", "reference_id": "RHSA-2021:5017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5045", "reference_id": "RHSA-2021:5045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5046", "reference_id": "RHSA-2021:5046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5047", "reference_id": "RHSA-2021:5047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5048", "reference_id": "RHSA-2021:5048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5055", "reference_id": "RHSA-2021:5055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5055" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-4129" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z19z-zu3b-5khe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35140?format=api", "vulnerability_id": "VCID-zcuv-sdrv-1ffy", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.5998", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60117", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60139", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60124", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60058", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60083", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60053", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60103", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38491" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-202109-2", "reference_id": "ASA-202109-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202109-2" }, { "reference_url": "https://security.archlinux.org/AVG-2350", "reference_id": "AVG-2350", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2350" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38", "reference_id": "mfsa2021-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38" }, { "reference_url": "https://usn.ubuntu.com/5074-1/", "reference_id": "USN-5074-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5074-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74055?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@91.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@91.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/74056?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@97.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" } ], "aliases": [ "CVE-2021-38491" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zcuv-sdrv-1ffy" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@97.0" }