Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/940860?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/940860?format=api", "purl": "pkg:deb/debian/thunderbird@1:91.4.1-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "thunderbird", "version": "1:91.4.1-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:91.5.0-1", "latest_non_vulnerable_version": "1:140.10.0esr-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11799?format=api", "vulnerability_id": "VCID-1mm2-4b1k-afat", "summary": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')\nThe olm_session_describe function in Matrix libolm is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80619", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80503", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80585", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80586", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80589", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80615", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80509", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80531", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80521", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.8055", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.8056", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80578", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01416", "scoring_system": "epss", "scoring_elements": "0.80556", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.matrix.org/matrix-org/olm/-/tags", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.matrix.org/matrix-org/olm/-/tags" }, { "reference_url": "https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk", "reference_id": "", "reference_type": "", "scores": [], "url": "https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001664", "reference_id": "1001664", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001664" }, { "reference_url": "https://security.archlinux.org/AVG-2638", "reference_id": "AVG-2638", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2638" }, { "reference_url": "https://security.archlinux.org/AVG-2639", "reference_id": "AVG-2639", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2639" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44538", "reference_id": "CVE-2021-44538", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44538" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-55", "reference_id": "mfsa2021-55", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-55" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940858?format=api", "purl": "pkg:deb/debian/thunderbird@1:91.4.1-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.4.1-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940860?format=api", "purl": "pkg:deb/debian/thunderbird@1:91.4.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.4.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940802?format=api", "purl": "pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940800?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940804?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940803?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067638?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077499?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-44538" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1mm2-4b1k-afat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63212?format=api", "vulnerability_id": "VCID-pbhu-5gkn-qkb8", "summary": "When receiving an OpenPGP/MIME signed email message that contains an\nadditional outer MIME message layer, for example a message footer added by a\nmailing list gateway, Thunderbird only considered the inner signed message for\nthe signature validity. This gave the false impression that the additional contents\nwere also covered by the digital signature. Starting with Thunderbird version 91.4.1,\nonly the signature that belongs to the top level MIME part will be considered for\nthe displayed status.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56532", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56461", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56599", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56577", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56608", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56607", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56578", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56514", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56579", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56609", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56613", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56623", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-55", "reference_id": "mfsa2021-55", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2021-55/", "reference_id": "mfsa2021-55", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:36:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-55/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1732310", "reference_id": "show_bug.cgi?id=1732310", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:36:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1732310" }, { "reference_url": "https://usn.ubuntu.com/5246-1/", "reference_id": "USN-5246-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5246-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940858?format=api", "purl": "pkg:deb/debian/thunderbird@1:91.4.1-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.4.1-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940860?format=api", "purl": "pkg:deb/debian/thunderbird@1:91.4.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.4.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940802?format=api", "purl": "pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940800?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940804?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940803?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067638?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077499?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-4126" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pbhu-5gkn-qkb8" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.4.1-1%3Fdistro=trixie" }