{"url":"http://public2.vulnerablecode.io/api/packages/371967?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.12.0-1","type":"alpm","namespace":"archlinux","name":"thunderbird","version":"78.12.0-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"91.1.0-1","latest_non_vulnerable_version":"91.10-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31123?format=json","vulnerability_id":"VCID-2syj-hbw7-fkbp","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29988.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29988","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70226","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70115","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70122","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70097","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70139","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7017","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70166","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70216","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69968","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.6998","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69994","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.69971","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70019","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70035","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70059","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70043","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.7003","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70073","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70082","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70063","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992419","reference_id":"1992419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992419"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371172?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.13.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qap-6r9b-6qbv"},{"vulnerability":"VCID-7fvy-7hpe-kbej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.13.0-1"}],"aliases":["CVE-2021-29988"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2syj-hbw7-fkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31119?format=json","vulnerability_id":"VCID-4vt1-q4wj-87bm","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29980.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29980","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61509","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61398","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61392","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61343","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61451","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61412","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61439","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61494","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61244","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61324","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61353","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61322","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61369","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61384","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61405","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6139","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61371","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6141","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61413","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61395","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992421","reference_id":"1992421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992421"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371172?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.13.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qap-6r9b-6qbv"},{"vulnerability":"VCID-7fvy-7hpe-kbej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.13.0-1"}],"aliases":["CVE-2021-29980"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4vt1-q4wj-87bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31122?format=json","vulnerability_id":"VCID-a659-299u-byfb","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29986.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29986","reference_id":"","reference_type":"","scores":[{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69306","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69196","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69176","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.6922","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69253","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69221","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69245","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69294","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69036","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69053","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69075","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69055","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69105","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69124","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69147","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69131","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69102","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69141","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69151","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.6913","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69179","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69188","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992417","reference_id":"1992417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992417"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371172?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.13.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qap-6r9b-6qbv"},{"vulnerability":"VCID-7fvy-7hpe-kbej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.13.0-1"}],"aliases":["CVE-2021-29986"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a659-299u-byfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31125?format=json","vulnerability_id":"VCID-kat5-hy8e-skah","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29989.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29989","reference_id":"","reference_type":"","scores":[{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67034","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.6691","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66881","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66923","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66963","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66935","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66958","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67022","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66773","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66811","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66836","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66809","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66858","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66871","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66891","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66877","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66845","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66878","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66892","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66875","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.669","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66913","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992423","reference_id":"1992423","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992423"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371172?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.13.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qap-6r9b-6qbv"},{"vulnerability":"VCID-7fvy-7hpe-kbej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.13.0-1"}],"aliases":["CVE-2021-29989"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kat5-hy8e-skah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31121?format=json","vulnerability_id":"VCID-qv8f-9y37-bbdk","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29985.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29985","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61509","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61398","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61392","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61343","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61451","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61412","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61439","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61494","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61244","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61324","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61353","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61322","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61369","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61384","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61405","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6139","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61371","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6141","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61413","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61395","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992422","reference_id":"1992422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992422"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371172?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.13.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qap-6r9b-6qbv"},{"vulnerability":"VCID-7fvy-7hpe-kbej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.13.0-1"}],"aliases":["CVE-2021-29985"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qv8f-9y37-bbdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31120?format=json","vulnerability_id":"VCID-w68x-99b7-7qgs","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29984.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29984","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63719","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63574","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63592","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63606","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.636","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63572","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63616","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63668","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63633","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63659","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63711","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63562","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6358","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63595","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63546","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63583","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63591","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00673","scoring_system":"epss","scoring_elements":"0.71349","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00673","scoring_system":"epss","scoring_elements":"0.71375","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00673","scoring_system":"epss","scoring_elements":"0.71357","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992420","reference_id":"1992420","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992420"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3154","reference_id":"RHSA-2021:3154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3155","reference_id":"RHSA-2021:3155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3156","reference_id":"RHSA-2021:3156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3157","reference_id":"RHSA-2021:3157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3159","reference_id":"RHSA-2021:3159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3160","reference_id":"RHSA-2021:3160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3161","reference_id":"RHSA-2021:3161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3162","reference_id":"RHSA-2021:3162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3162"},{"reference_url":"https://usn.ubuntu.com/5037-1/","reference_id":"USN-5037-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5037-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371172?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.13.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qap-6r9b-6qbv"},{"vulnerability":"VCID-7fvy-7hpe-kbej"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.13.0-1"}],"aliases":["CVE-2021-29984"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w68x-99b7-7qgs"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31118?format=json","vulnerability_id":"VCID-3zwq-1hwc-3fgj","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29976.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29976.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29976","reference_id":"","reference_type":"","scores":[{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69387","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.6926","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69302","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69336","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69304","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69329","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69375","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69121","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69137","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69158","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69139","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69189","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.6923","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69215","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69187","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69227","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69235","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69214","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69266","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69274","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69282","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982014","reference_id":"1982014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982014"},{"reference_url":"https://security.archlinux.org/ASA-202107-20","reference_id":"ASA-202107-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-20"},{"reference_url":"https://security.archlinux.org/ASA-202107-21","reference_id":"ASA-202107-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-21"},{"reference_url":"https://security.archlinux.org/AVG-2148","reference_id":"AVG-2148","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2148"},{"reference_url":"https://security.archlinux.org/AVG-2152","reference_id":"AVG-2152","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2152"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28","reference_id":"mfsa2021-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29","reference_id":"mfsa2021-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30","reference_id":"mfsa2021-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2740","reference_id":"RHSA-2021:2740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2741","reference_id":"RHSA-2021:2741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2742","reference_id":"RHSA-2021:2742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2743","reference_id":"RHSA-2021:2743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2881","reference_id":"RHSA-2021:2881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2882","reference_id":"RHSA-2021:2882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2883","reference_id":"RHSA-2021:2883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2914","reference_id":"RHSA-2021:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2914"},{"reference_url":"https://usn.ubuntu.com/5011-1/","reference_id":"USN-5011-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5011-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371967?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.12.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syj-hbw7-fkbp"},{"vulnerability":"VCID-4vt1-q4wj-87bm"},{"vulnerability":"VCID-a659-299u-byfb"},{"vulnerability":"VCID-kat5-hy8e-skah"},{"vulnerability":"VCID-qv8f-9y37-bbdk"},{"vulnerability":"VCID-w68x-99b7-7qgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.12.0-1"}],"aliases":["CVE-2021-29976"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zwq-1hwc-3fgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31117?format=json","vulnerability_id":"VCID-66dg-7sm8-vbgx","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29970.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29970.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29970","reference_id":"","reference_type":"","scores":[{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73143","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73047","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73076","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73097","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73057","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73081","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73136","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72905","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72916","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72936","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72911","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72949","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72963","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72988","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72968","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.72962","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73003","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73013","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73006","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73046","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73056","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73053","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982013","reference_id":"1982013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982013"},{"reference_url":"https://security.archlinux.org/ASA-202107-20","reference_id":"ASA-202107-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-20"},{"reference_url":"https://security.archlinux.org/ASA-202107-21","reference_id":"ASA-202107-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-21"},{"reference_url":"https://security.archlinux.org/AVG-2148","reference_id":"AVG-2148","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2148"},{"reference_url":"https://security.archlinux.org/AVG-2152","reference_id":"AVG-2152","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2152"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28","reference_id":"mfsa2021-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29","reference_id":"mfsa2021-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30","reference_id":"mfsa2021-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2740","reference_id":"RHSA-2021:2740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2741","reference_id":"RHSA-2021:2741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2742","reference_id":"RHSA-2021:2742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2743","reference_id":"RHSA-2021:2743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2881","reference_id":"RHSA-2021:2881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2882","reference_id":"RHSA-2021:2882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2883","reference_id":"RHSA-2021:2883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2914","reference_id":"RHSA-2021:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2914"},{"reference_url":"https://usn.ubuntu.com/5011-1/","reference_id":"USN-5011-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5011-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371967?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.12.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syj-hbw7-fkbp"},{"vulnerability":"VCID-4vt1-q4wj-87bm"},{"vulnerability":"VCID-a659-299u-byfb"},{"vulnerability":"VCID-kat5-hy8e-skah"},{"vulnerability":"VCID-qv8f-9y37-bbdk"},{"vulnerability":"VCID-w68x-99b7-7qgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.12.0-1"}],"aliases":["CVE-2021-29970"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-66dg-7sm8-vbgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31116?format=json","vulnerability_id":"VCID-ea7p-189v-mqbq","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29969.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29969.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29969","reference_id":"","reference_type":"","scores":[{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60286","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60556","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.605","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60484","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60545","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60361","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60388","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60356","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60405","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60421","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60442","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60428","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60408","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60449","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60457","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60433","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60448","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60436","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60395","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982015","reference_id":"1982015","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982015"},{"reference_url":"https://security.archlinux.org/ASA-202107-21","reference_id":"ASA-202107-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-21"},{"reference_url":"https://security.archlinux.org/AVG-2152","reference_id":"AVG-2152","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2152"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30","reference_id":"mfsa2021-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2881","reference_id":"RHSA-2021:2881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2882","reference_id":"RHSA-2021:2882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2883","reference_id":"RHSA-2021:2883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2914","reference_id":"RHSA-2021:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2914"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371967?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.12.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syj-hbw7-fkbp"},{"vulnerability":"VCID-4vt1-q4wj-87bm"},{"vulnerability":"VCID-a659-299u-byfb"},{"vulnerability":"VCID-kat5-hy8e-skah"},{"vulnerability":"VCID-qv8f-9y37-bbdk"},{"vulnerability":"VCID-w68x-99b7-7qgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.12.0-1"}],"aliases":["CVE-2021-29969"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ea7p-189v-mqbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31126?format=json","vulnerability_id":"VCID-teh4-fmg6-53ab","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30547.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30547.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30547","reference_id":"","reference_type":"","scores":[{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85601","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85488","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85487","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85504","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85528","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85546","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85542","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85555","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85593","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85358","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.8537","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85389","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85392","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85413","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85422","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85436","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85435","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85431","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85455","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85459","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85456","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02527","scoring_system":"epss","scoring_elements":"0.85479","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970109","reference_id":"1970109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970109"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079","reference_id":"990079","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079"},{"reference_url":"https://security.archlinux.org/ASA-202106-31","reference_id":"ASA-202106-31","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-31"},{"reference_url":"https://security.archlinux.org/ASA-202106-32","reference_id":"ASA-202106-32","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-32"},{"reference_url":"https://security.archlinux.org/ASA-202107-20","reference_id":"ASA-202107-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-20"},{"reference_url":"https://security.archlinux.org/ASA-202107-21","reference_id":"ASA-202107-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-21"},{"reference_url":"https://security.archlinux.org/AVG-2057","reference_id":"AVG-2057","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2057"},{"reference_url":"https://security.archlinux.org/AVG-2058","reference_id":"AVG-2058","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2058"},{"reference_url":"https://security.archlinux.org/AVG-2148","reference_id":"AVG-2148","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2148"},{"reference_url":"https://security.archlinux.org/AVG-2152","reference_id":"AVG-2152","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2152"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28","reference_id":"mfsa2021-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29","reference_id":"mfsa2021-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30","reference_id":"mfsa2021-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2740","reference_id":"RHSA-2021:2740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2741","reference_id":"RHSA-2021:2741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2742","reference_id":"RHSA-2021:2742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2743","reference_id":"RHSA-2021:2743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2881","reference_id":"RHSA-2021:2881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2882","reference_id":"RHSA-2021:2882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2883","reference_id":"RHSA-2021:2883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2914","reference_id":"RHSA-2021:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2914"},{"reference_url":"https://usn.ubuntu.com/5011-1/","reference_id":"USN-5011-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5011-1/"},{"reference_url":"https://usn.ubuntu.com/5058-1/","reference_id":"USN-5058-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5058-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371967?format=json","purl":"pkg:alpm/archlinux/thunderbird@78.12.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syj-hbw7-fkbp"},{"vulnerability":"VCID-4vt1-q4wj-87bm"},{"vulnerability":"VCID-a659-299u-byfb"},{"vulnerability":"VCID-kat5-hy8e-skah"},{"vulnerability":"VCID-qv8f-9y37-bbdk"},{"vulnerability":"VCID-w68x-99b7-7qgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.12.0-1"}],"aliases":["CVE-2021-30547"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-teh4-fmg6-53ab"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.12.0-1"}