Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:mozilla/Thunderbird@128.10.1
Typemozilla
Namespace
NameThunderbird
Version128.10.1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version128.10.2
Latest_non_vulnerable_version149.0.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-n3rs-11fq-wqc4
vulnerability_id VCID-n3rs-11fq-wqc4
summary 
Thunderbird parses addresses in a way that can allow sender
spoofing in case the server allows an invalid From address to be
used. For example, if the From header contains an (invalid) value
"Spoofed Name  ",
Thunderbird treats spoofed@example.com as the actual address.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3875.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3875.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-3875
reference_id
reference_type
scores
0
value 0.00375
scoring_system epss
scoring_elements 0.59184
published_at 2026-04-21T12:55:00Z
1
value 0.00375
scoring_system epss
scoring_elements 0.59116
published_at 2026-04-07T12:55:00Z
2
value 0.00375
scoring_system epss
scoring_elements 0.59167
published_at 2026-04-08T12:55:00Z
3
value 0.00375
scoring_system epss
scoring_elements 0.5918
published_at 2026-04-09T12:55:00Z
4
value 0.00375
scoring_system epss
scoring_elements 0.592
published_at 2026-04-11T12:55:00Z
5
value 0.00375
scoring_system epss
scoring_elements 0.59183
published_at 2026-04-12T12:55:00Z
6
value 0.00375
scoring_system epss
scoring_elements 0.59164
published_at 2026-04-13T12:55:00Z
7
value 0.00375
scoring_system epss
scoring_elements 0.59199
published_at 2026-04-16T12:55:00Z
8
value 0.00375
scoring_system epss
scoring_elements 0.59204
published_at 2026-04-18T12:55:00Z
9
value 0.00375
scoring_system epss
scoring_elements 0.59129
published_at 2026-04-02T12:55:00Z
10
value 0.00375
scoring_system epss
scoring_elements 0.59152
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-3875
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3875
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3875
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2366287
reference_id 2366287
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2366287
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-34
reference_id mfsa2025-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-34
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-34/
reference_id mfsa2025-34
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:52:16Z/
url https://www.mozilla.org/security/advisories/mfsa2025-34/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-35
reference_id mfsa2025-35
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-35
7
reference_url https://www.mozilla.org/security/advisories/mfsa2025-35/
reference_id mfsa2025-35
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:52:16Z/
url https://www.mozilla.org/security/advisories/mfsa2025-35/
8
reference_url https://access.redhat.com/errata/RHSA-2025:8196
reference_id RHSA-2025:8196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8196
9
reference_url https://access.redhat.com/errata/RHSA-2025:8203
reference_id RHSA-2025:8203
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8203
10
reference_url https://access.redhat.com/errata/RHSA-2025:8324
reference_id RHSA-2025:8324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8324
11
reference_url https://access.redhat.com/errata/RHSA-2025:8325
reference_id RHSA-2025:8325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8325
12
reference_url https://access.redhat.com/errata/RHSA-2025:8326
reference_id RHSA-2025:8326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8326
13
reference_url https://access.redhat.com/errata/RHSA-2025:8391
reference_id RHSA-2025:8391
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8391
14
reference_url https://access.redhat.com/errata/RHSA-2025:8507
reference_id RHSA-2025:8507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8507
15
reference_url https://access.redhat.com/errata/RHSA-2025:8594
reference_id RHSA-2025:8594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8594
16
reference_url https://access.redhat.com/errata/RHSA-2025:8756
reference_id RHSA-2025:8756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8756
17
reference_url https://access.redhat.com/errata/RHSA-2025:8784
reference_id RHSA-2025:8784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8784
18
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1950629
reference_id show_bug.cgi?id=1950629
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:52:16Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1950629
19
reference_url https://usn.ubuntu.com/7663-1/
reference_id USN-7663-1
reference_type
scores
url https://usn.ubuntu.com/7663-1/
fixed_packages
0
url pkg:mozilla/Thunderbird@128.10.1
purl pkg:mozilla/Thunderbird@128.10.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@128.10.1
1
url pkg:mozilla/Thunderbird@138.0.1
purl pkg:mozilla/Thunderbird@138.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@138.0.1
aliases CVE-2025-3875
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3rs-11fq-wqc4
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@128.10.1