Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community

Type apk

Namespace alpine

Name thunderbird

Version 91.4.0-r0

Qualifiers

arch	riscv64
distroversion	v3.21
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 91.4.1-r0

Latest_non_vulnerable_version 128.5.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1bt3-9xbp-3ugu

vulnerability_id VCID-1bt3-9xbp-3ugu

summary An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43537.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43537.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43537

reference_id

reference_type

scores

value	0.00559
scoring_system	epss
scoring_elements	0.68629
published_at	2026-06-08T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68603
published_at	2026-06-04T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68644
published_at	2026-06-05T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68652
published_at	2026-06-06T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68645
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030106
reference_id	2030106
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030106

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43537

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bt3-9xbp-3ugu

url VCID-6drt-9b2u-m3hh

vulnerability_id VCID-6drt-9b2u-m3hh

summary

Thunderbird unexpectedly enabled JavaScript in the composition area.
The JavaScript execution context was limited to this area and did not
receive chrome-level privileges, but could be used as a stepping stone
to further an attack with other vulnerabilities.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43528.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43528.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43528

reference_id

reference_type

scores

value	0.00855
scoring_system	epss
scoring_elements	0.75354
published_at	2026-06-06T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.75332
published_at	2026-06-08T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.75322
published_at	2026-06-04T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.75345
published_at	2026-06-07T12:55:00Z

value	0.00855
scoring_system	epss
scoring_elements	0.75351
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030137
reference_id	2030137
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030137

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43528

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6drt-9b2u-m3hh

url VCID-6krg-whdf-sbfp

vulnerability_id VCID-6krg-whdf-sbfp

summary Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43542.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43542.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43542

reference_id

reference_type

scores

value	0.00735
scoring_system	epss
scoring_elements	0.73182
published_at	2026-06-08T12:55:00Z

value	0.00735
scoring_system	epss
scoring_elements	0.73169
published_at	2026-06-04T12:55:00Z

value	0.00735
scoring_system	epss
scoring_elements	0.73206
published_at	2026-06-05T12:55:00Z

value	0.00735
scoring_system	epss
scoring_elements	0.73213
published_at	2026-06-06T12:55:00Z

value	0.00735
scoring_system	epss
scoring_elements	0.73195
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030112
reference_id	2030112
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030112

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43542

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6krg-whdf-sbfp

url VCID-b4nd-9kkf-guhe

vulnerability_id VCID-b4nd-9kkf-guhe

summary Using the Location API in a loop could have caused severe application hangs and crashes.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43545.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43545.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43545

reference_id

reference_type

scores

value	0.00356
scoring_system	epss
scoring_elements	0.5818
published_at	2026-06-08T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.58148
published_at	2026-06-04T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.58198
published_at	2026-06-05T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.58207
published_at	2026-06-06T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.58195
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030114
reference_id	2030114
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030114

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43545

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4nd-9kkf-guhe

url VCID-c8kq-mxnk-rugf

vulnerability_id VCID-c8kq-mxnk-rugf

summary Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43539.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43539.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43539

reference_id

reference_type

scores

value	0.00967
scoring_system	epss
scoring_elements	0.7694
published_at	2026-06-08T12:55:00Z

value	0.00967
scoring_system	epss
scoring_elements	0.76922
published_at	2026-06-04T12:55:00Z

value	0.00967
scoring_system	epss
scoring_elements	0.76954
published_at	2026-06-05T12:55:00Z

value	0.00967
scoring_system	epss
scoring_elements	0.76963
published_at	2026-06-06T12:55:00Z

value	0.00967
scoring_system	epss
scoring_elements	0.76951
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030110
reference_id	2030110
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030110

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43539

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c8kq-mxnk-rugf

url VCID-gu45-bq8y-wude

vulnerability_id VCID-gu45-bq8y-wude

summary It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43546.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43546

reference_id

reference_type

scores

value	0.00436
scoring_system	epss
scoring_elements	0.63377
published_at	2026-06-08T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63349
published_at	2026-06-04T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63392
published_at	2026-06-05T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.634
published_at	2026-06-06T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.6339
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030115
reference_id	2030115
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030115

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43546

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gu45-bq8y-wude

url VCID-mua8-1ggh-r7dr

vulnerability_id VCID-mua8-1ggh-r7dr

summary When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43541.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43541.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43541

reference_id

reference_type

scores

value	0.00356
scoring_system	epss
scoring_elements	0.58165
published_at	2026-06-08T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.58133
published_at	2026-06-04T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.58184
published_at	2026-06-05T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.58193
published_at	2026-06-06T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.58181
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030111
reference_id	2030111
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030111

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43541

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mua8-1ggh-r7dr

url VCID-ncap-puz5-x7hj

vulnerability_id VCID-ncap-puz5-x7hj

summary Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43543.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43543.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43543

reference_id

reference_type

scores

value	0.00461
scoring_system	epss
scoring_elements	0.64498
published_at	2026-06-08T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.64468
published_at	2026-06-04T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.64511
published_at	2026-06-05T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.6452
published_at	2026-06-06T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.64509
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030113
reference_id	2030113
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030113

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43543

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncap-puz5-x7hj

url VCID-pbb1-awzh-1ub2

vulnerability_id VCID-pbb1-awzh-1ub2

summary By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43538.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43538.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43538

reference_id

reference_type

scores

value	0.00275
scoring_system	epss
scoring_elements	0.51205
published_at	2026-06-08T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51188
published_at	2026-06-04T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.5125
published_at	2026-06-05T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51256
published_at	2026-06-06T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51235
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030109
reference_id	2030109
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030109

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43538

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbb1-awzh-1ub2

url VCID-xdkv-a1r9-puc9

vulnerability_id VCID-xdkv-a1r9-puc9

summary Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43536.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43536.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43536

reference_id

reference_type

scores

value	0.00563
scoring_system	epss
scoring_elements	0.68744
published_at	2026-06-08T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.6872
published_at	2026-06-04T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.6876
published_at	2026-06-07T12:55:00Z

value	0.00563
scoring_system	epss
scoring_elements	0.68768
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030105
reference_id	2030105
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030105

reference_url	https://security.archlinux.org/ASA-202112-8
reference_id	ASA-202112-8
reference_type
scores
url	https://security.archlinux.org/ASA-202112-8

reference_url	https://security.archlinux.org/ASA-202112-9
reference_id	ASA-202112-9
reference_type
scores
url	https://security.archlinux.org/ASA-202112-9

reference_url

https://security.archlinux.org/AVG-2606

reference_id

AVG-2606

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2606

reference_url

https://security.archlinux.org/AVG-2608

reference_id

AVG-2608

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2608

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5186-1/
reference_id	USN-5186-1
reference_type
scores
url	https://usn.ubuntu.com/5186-1/

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-43536

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xdkv-a1r9-puc9

url VCID-yfmn-xrkm-dycf

vulnerability_id VCID-yfmn-xrkm-dycf

summary Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4129.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4129.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-4129

reference_id

reference_type

scores

value	0.00361
scoring_system	epss
scoring_elements	0.58572
published_at	2026-06-05T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58559
published_at	2026-06-08T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58574
published_at	2026-06-07T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58525
published_at	2026-06-04T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58581
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2030116
reference_id	2030116
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2030116

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421

reference_id

buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421

reference_url	https://security.gentoo.org/glsa/202202-03
reference_id	GLSA-202202-03
reference_type
scores
url	https://security.gentoo.org/glsa/202202-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_id

mfsa2021-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-52

reference_url

https://www.mozilla.org/security/advisories/mfsa2021-52/

reference_id

mfsa2021-52

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/

url

https://www.mozilla.org/security/advisories/mfsa2021-52/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_id

mfsa2021-53

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-53

reference_url

https://www.mozilla.org/security/advisories/mfsa2021-53/

reference_id

mfsa2021-53

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/

url

https://www.mozilla.org/security/advisories/mfsa2021-53/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_id

mfsa2021-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-54

reference_url

https://www.mozilla.org/security/advisories/mfsa2021-54/

reference_id

mfsa2021-54

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/

url

https://www.mozilla.org/security/advisories/mfsa2021-54/

reference_url	https://access.redhat.com/errata/RHSA-2021:5013
reference_id	RHSA-2021:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5013

reference_url	https://access.redhat.com/errata/RHSA-2021:5014
reference_id	RHSA-2021:5014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5014

reference_url	https://access.redhat.com/errata/RHSA-2021:5015
reference_id	RHSA-2021:5015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5015

reference_url	https://access.redhat.com/errata/RHSA-2021:5016
reference_id	RHSA-2021:5016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5016

reference_url	https://access.redhat.com/errata/RHSA-2021:5017
reference_id	RHSA-2021:5017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5017

reference_url	https://access.redhat.com/errata/RHSA-2021:5045
reference_id	RHSA-2021:5045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5045

reference_url	https://access.redhat.com/errata/RHSA-2021:5046
reference_id	RHSA-2021:5046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5046

reference_url	https://access.redhat.com/errata/RHSA-2021:5047
reference_id	RHSA-2021:5047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5047

reference_url	https://access.redhat.com/errata/RHSA-2021:5048
reference_id	RHSA-2021:5048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5048

reference_url	https://access.redhat.com/errata/RHSA-2021:5055
reference_id	RHSA-2021:5055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5055

reference_url	https://usn.ubuntu.com/5246-1/
reference_id	USN-5246-1
reference_type
scores
url	https://usn.ubuntu.com/5246-1/

reference_url	https://usn.ubuntu.com/5248-1/
reference_id	USN-5248-1
reference_type
scores
url	https://usn.ubuntu.com/5248-1/

fixed_packages

url	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/thunderbird@91.4.0-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

aliases CVE-2021-4129

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yfmn-xrkm-dycf

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

Package Instance