Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:mozilla/Thunderbird@3.1.16

Type mozilla

Namespace

Name Thunderbird

Version 3.1.16

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 3.1.17

Latest_non_vulnerable_version 149.0.2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7am3-r7mc-5qbu

vulnerability_id VCID-7am3-r7mc-5qbu

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3648.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3648.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3648

reference_id

reference_type

scores

value	0.00338
scoring_system	epss
scoring_elements	0.5669
published_at	2026-04-16T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56543
published_at	2026-04-01T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56639
published_at	2026-04-07T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56661
published_at	2026-04-04T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56691
published_at	2026-04-08T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56696
published_at	2026-04-09T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56704
published_at	2026-04-11T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56679
published_at	2026-04-12T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56658
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3648

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=751932
reference_id	751932
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=751932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3648
reference_id	CVE-2011-3648
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3648

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2011-47

reference_id

mfsa2011-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2011-47

reference_url	https://access.redhat.com/errata/RHSA-2011:1437
reference_id	RHSA-2011:1437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1437

reference_url	https://access.redhat.com/errata/RHSA-2011:1438
reference_id	RHSA-2011:1438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1438

reference_url	https://access.redhat.com/errata/RHSA-2011:1439
reference_id	RHSA-2011:1439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1439

reference_url	https://access.redhat.com/errata/RHSA-2011:1440
reference_id	RHSA-2011:1440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1440

reference_url	https://usn.ubuntu.com/1251-1/
reference_id	USN-1251-1
reference_type
scores
url	https://usn.ubuntu.com/1251-1/

reference_url	https://usn.ubuntu.com/1254-1/
reference_id	USN-1254-1
reference_type
scores
url	https://usn.ubuntu.com/1254-1/

reference_url	https://usn.ubuntu.com/1277-1/
reference_id	USN-1277-1
reference_type
scores
url	https://usn.ubuntu.com/1277-1/

reference_url	https://usn.ubuntu.com/1282-1/
reference_id	USN-1282-1
reference_type
scores
url	https://usn.ubuntu.com/1282-1/

fixed_packages

url	pkg:mozilla/Thunderbird@3.1.16
purl	pkg:mozilla/Thunderbird@3.1.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@3.1.16

url	pkg:mozilla/Thunderbird@8.0.0
purl	pkg:mozilla/Thunderbird@8.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@8.0.0

aliases CVE-2011-3648

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7am3-r7mc-5qbu

url VCID-vsdm-hzfp-ebgz

vulnerability_id VCID-vsdm-hzfp-ebgz

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3647.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3647.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3647

reference_id

reference_type

scores

value	0.00769
scoring_system	epss
scoring_elements	0.7354
published_at	2026-04-16T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.73446
published_at	2026-04-01T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.73455
published_at	2026-04-02T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.73478
published_at	2026-04-04T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.73449
published_at	2026-04-07T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.73486
published_at	2026-04-08T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.735
published_at	2026-04-09T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.73523
published_at	2026-04-11T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.73504
published_at	2026-04-12T12:55:00Z

value	0.00769
scoring_system	epss
scoring_elements	0.73497
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3647

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=751931
reference_id	751931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=751931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3647
reference_id	CVE-2011-3647
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3647

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2011-46

reference_id

mfsa2011-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2011-46

reference_url	https://access.redhat.com/errata/RHSA-2011:1437
reference_id	RHSA-2011:1437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1437

reference_url	https://access.redhat.com/errata/RHSA-2011:1439
reference_id	RHSA-2011:1439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1439

reference_url	https://usn.ubuntu.com/1251-1/
reference_id	USN-1251-1
reference_type
scores
url	https://usn.ubuntu.com/1251-1/

reference_url	https://usn.ubuntu.com/1254-1/
reference_id	USN-1254-1
reference_type
scores
url	https://usn.ubuntu.com/1254-1/

fixed_packages

url	pkg:mozilla/Thunderbird@3.1.16
purl	pkg:mozilla/Thunderbird@3.1.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@3.1.16

aliases CVE-2011-3647

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vsdm-hzfp-ebgz

url VCID-xbdy-6pwc-f7ej

vulnerability_id VCID-xbdy-6pwc-f7ej

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3650.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3650.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3650

reference_id

reference_type

scores

value	0.01271
scoring_system	epss
scoring_elements	0.79547
published_at	2026-04-16T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79468
published_at	2026-04-01T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79475
published_at	2026-04-02T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79498
published_at	2026-04-04T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79485
published_at	2026-04-07T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79513
published_at	2026-04-08T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79521
published_at	2026-04-09T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79543
published_at	2026-04-11T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79526
published_at	2026-04-12T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79517
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3650

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=751933
reference_id	751933
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=751933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3650
reference_id	CVE-2011-3650
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3650

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2011-49

reference_id

mfsa2011-49

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2011-49

reference_url	https://access.redhat.com/errata/RHSA-2011:1437
reference_id	RHSA-2011:1437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1437

reference_url	https://access.redhat.com/errata/RHSA-2011:1439
reference_id	RHSA-2011:1439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1439

reference_url	https://usn.ubuntu.com/1251-1/
reference_id	USN-1251-1
reference_type
scores
url	https://usn.ubuntu.com/1251-1/

reference_url	https://usn.ubuntu.com/1254-1/
reference_id	USN-1254-1
reference_type
scores
url	https://usn.ubuntu.com/1254-1/

reference_url	https://usn.ubuntu.com/1277-1/
reference_id	USN-1277-1
reference_type
scores
url	https://usn.ubuntu.com/1277-1/

reference_url	https://usn.ubuntu.com/1282-1/
reference_id	USN-1282-1
reference_type
scores
url	https://usn.ubuntu.com/1282-1/

fixed_packages

url	pkg:mozilla/Thunderbird@3.1.16
purl	pkg:mozilla/Thunderbird@3.1.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@3.1.16

url	pkg:mozilla/Thunderbird@8.0.0
purl	pkg:mozilla/Thunderbird@8.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@8.0.0

aliases CVE-2011-3650

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbdy-6pwc-f7ej

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@3.1.16

Package Instance