Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:mozilla/Thunderbird@147.0.1
Typemozilla
Namespace
NameThunderbird
Version147.0.1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version147.0.2
Latest_non_vulnerable_version149.0.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-qcxw-ds31-3ubd
vulnerability_id VCID-qcxw-ds31-3ubd
summary 
When a user explicitly requested Thunderbird to decrypt an inline
OpenPGP message that was embedded in a text section of an email
that was formatted and styled with HTML and CSS, then the
decrypted contents were rendered in a context in which the CSS
styles from the outer messages were active. If the user had
additionally allowed loading of the remote content referenced by
the outer email message, and the email was crafted by the sender
using a combination of CSS rules and fonts and animations, then
it was possible to extract the secret contents of the email.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0818.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0818.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-0818
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00374
published_at 2026-04-02T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00376
published_at 2026-04-04T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00512
published_at 2026-04-11T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.00508
published_at 2026-04-16T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00509
published_at 2026-04-12T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00511
published_at 2026-04-13T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00515
published_at 2026-04-07T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00513
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-0818
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0818
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0818
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2433720
reference_id 2433720
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2433720
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-07
reference_id mfsa2026-07
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-07
6
reference_url https://www.mozilla.org/security/advisories/mfsa2026-07/
reference_id mfsa2026-07
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T16:50:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-07/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-08
reference_id mfsa2026-08
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-08
8
reference_url https://www.mozilla.org/security/advisories/mfsa2026-08/
reference_id mfsa2026-08
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T16:50:27Z/
url https://www.mozilla.org/security/advisories/mfsa2026-08/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1881530
reference_id show_bug.cgi?id=1881530
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-28T16:50:27Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1881530
10
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:mozilla/Thunderbird@140.7.1
purl pkg:mozilla/Thunderbird@140.7.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@140.7.1
1
url pkg:mozilla/Thunderbird@147.0.1
purl pkg:mozilla/Thunderbird@147.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@147.0.1
aliases CVE-2026-0818
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcxw-ds31-3ubd
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@147.0.1