{"url":"http://public2.vulnerablecode.io/api/packages/354693?format=json","purl":"pkg:apk/alpine/firefox-esr@78.13.0-r0?arch=armv7&distroversion=v3.22&reponame=community","type":"apk","namespace":"alpine","name":"firefox-esr","version":"78.13.0-r0","qualifiers":{"arch":"armv7","distroversion":"v3.22","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"91.2.0-r0","latest_non_vulnerable_version":"115.6.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1273?format=json","vulnerability_id":"VCID-1cnr-28vc-sqcy","summary":"Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29980","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70461","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70417","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70458","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70467","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70449","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70438","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992421","reference_id":"1992421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992421"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354693?format=json","purl":"pkg:apk/alpine/firefox-esr@78.13.0-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@78.13.0-r0%3Farch=armv7&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-29980"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1cnr-28vc-sqcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1270?format=json","vulnerability_id":"VCID-5h5r-wcta-a7au","summary":"A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29986","reference_id":"","reference_type":"","scores":[{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.6953","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69485","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69524","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69532","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69522","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.6951","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992417","reference_id":"1992417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992417"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354693?format=json","purl":"pkg:apk/alpine/firefox-esr@78.13.0-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@78.13.0-r0%3Farch=armv7&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-29986"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5h5r-wcta-a7au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1275?format=json","vulnerability_id":"VCID-918z-26zm-67hc","summary":"Mozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar, and Olli Pettay reported memory safety bugs present in Thunderbird 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29989","reference_id":"","reference_type":"","scores":[{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67233","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67202","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67243","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67251","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67235","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67218","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992423","reference_id":"1992423","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992423"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354693?format=json","purl":"pkg:apk/alpine/firefox-esr@78.13.0-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@78.13.0-r0%3Farch=armv7&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-29989"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-918z-26zm-67hc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1272?format=json","vulnerability_id":"VCID-n657-bctg-1few","summary":"Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29984","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6392","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63873","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63915","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63922","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63913","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.639","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992420","reference_id":"1992420","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992420"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354693?format=json","purl":"pkg:apk/alpine/firefox-esr@78.13.0-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@78.13.0-r0%3Farch=armv7&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-29984"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n657-bctg-1few"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1271?format=json","vulnerability_id":"VCID-wqye-9ny7-e7a3","summary":"Thunderbird incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29988","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70461","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70417","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70458","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70467","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70449","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70438","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992419","reference_id":"1992419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992419"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354693?format=json","purl":"pkg:apk/alpine/firefox-esr@78.13.0-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@78.13.0-r0%3Farch=armv7&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-29988"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wqye-9ny7-e7a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1274?format=json","vulnerability_id":"VCID-yny3-7vjj-kyga","summary":"A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29985","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61738","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61692","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6174","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61747","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61735","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6172","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992422","reference_id":"1992422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992422"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354693?format=json","purl":"pkg:apk/alpine/firefox-esr@78.13.0-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@78.13.0-r0%3Farch=armv7&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-29985"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yny3-7vjj-kyga"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@78.13.0-r0%3Farch=armv7&distroversion=v3.22&reponame=community"}