Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/372135?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/372135?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.0-1", "type": "alpm", "namespace": "archlinux", "name": "thunderbird", "version": "78.9.0-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "78.9.1-1", "latest_non_vulnerable_version": "91.10-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63221?format=api", "vulnerability_id": "VCID-3tmg-yvx8-5kdt", "summary": "If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice's key with an invalid subkey, Thunderbird might subsequently attempt to use the invalid subkey, and will fail to send encrypted email to Alice.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23991.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23991.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42511", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42371", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42355", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42277", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42304", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42582", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42611", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42549", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42612", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42635", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42598", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42569", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42629", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42613", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42548", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42484", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42485", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42402", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42261", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42337", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948393", "reference_id": "1948393", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948393" }, { "reference_url": "https://security.archlinux.org/AVG-1790", "reference_id": "AVG-1790", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1790" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13", "reference_id": "mfsa2021-13", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1190", "reference_id": "RHSA-2021:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1192", "reference_id": "RHSA-2021:1192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1193", "reference_id": "RHSA-2021:1193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1201", "reference_id": "RHSA-2021:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1201" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373841?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.1-1" } ], "aliases": [ "CVE-2021-23991" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tmg-yvx8-5kdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63222?format=api", "vulnerability_id": "VCID-7tj1-s8bv-e7hv", "summary": "Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23992.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23992.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24962", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24775", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24702", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24719", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25041", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25079", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24854", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24923", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24969", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24944", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24889", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24902", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24873", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24818", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24805", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24758", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24634", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24711", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948394", "reference_id": "1948394", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948394" }, { "reference_url": "https://security.archlinux.org/AVG-1790", "reference_id": "AVG-1790", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1790" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13", "reference_id": "mfsa2021-13", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1190", "reference_id": "RHSA-2021:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1192", "reference_id": "RHSA-2021:1192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1193", "reference_id": "RHSA-2021:1193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1201", "reference_id": "RHSA-2021:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1201" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373841?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.1-1" } ], "aliases": [ "CVE-2021-23992" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7tj1-s8bv-e7hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63224?format=api", "vulnerability_id": "VCID-un8e-mz4v-t7ea", "summary": "When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29949.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29949.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1951", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19434", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19339", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.193", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19336", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1965", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19698", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1942", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19498", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1955", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19553", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19448", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19417", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1943", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19323", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19313", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19273", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19166", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19248", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951872", "reference_id": "1951872", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951872" }, { "reference_url": "https://security.archlinux.org/AVG-1790", "reference_id": "AVG-1790", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1790" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13", "reference_id": "mfsa2021-13", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1190", "reference_id": "RHSA-2021:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1192", "reference_id": "RHSA-2021:1192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1193", "reference_id": "RHSA-2021:1193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1201", "reference_id": "RHSA-2021:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1201" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373841?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.1-1" } ], "aliases": [ "CVE-2021-29949" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-un8e-mz4v-t7ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63223?format=api", "vulnerability_id": "VCID-yy95-yypj-cqbh", "summary": "An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23993.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23993.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15893", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15775", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15764", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15957", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16021", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15968", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15947", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15841", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15909", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20122", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20039", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20008", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20032", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20118", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20001", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19996", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19967", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19874", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19952", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948395", "reference_id": "1948395", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948395" }, { "reference_url": "https://security.archlinux.org/AVG-1790", "reference_id": "AVG-1790", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1790" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13", "reference_id": "mfsa2021-13", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1190", "reference_id": "RHSA-2021:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1192", "reference_id": "RHSA-2021:1192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1193", "reference_id": "RHSA-2021:1193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1201", "reference_id": "RHSA-2021:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1201" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373841?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.1-1" } ], "aliases": [ "CVE-2021-23993" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yy95-yypj-cqbh" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50227?format=api", "vulnerability_id": "VCID-a2x3-x693-gqdf", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23984.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23984.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23984", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43743", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43744", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43618", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43693", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.4371", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43647", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43678", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43867", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43863", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43913", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43915", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43934", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43901", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43885", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43947", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43938", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.4387", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43822", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43824", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942786", "reference_id": "1942786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942786" }, { "reference_url": "https://security.archlinux.org/AVG-1728", "reference_id": "AVG-1728", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1728" }, { "reference_url": "https://security.archlinux.org/AVG-1729", "reference_id": "AVG-1729", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1729" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10", "reference_id": "mfsa2021-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-11", "reference_id": "mfsa2021-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-12", "reference_id": "mfsa2021-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0989", "reference_id": "RHSA-2021:0989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0990", "reference_id": "RHSA-2021:0990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0991", "reference_id": "RHSA-2021:0991", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0991" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0992", "reference_id": "RHSA-2021:0992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0993", "reference_id": "RHSA-2021:0993", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0993" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0994", "reference_id": "RHSA-2021:0994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0995", "reference_id": "RHSA-2021:0995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0996", "reference_id": "RHSA-2021:0996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0996" }, { "reference_url": "https://usn.ubuntu.com/4893-1/", "reference_id": "USN-4893-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4893-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372135?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tmg-yvx8-5kdt" }, { "vulnerability": "VCID-7tj1-s8bv-e7hv" }, { "vulnerability": "VCID-un8e-mz4v-t7ea" }, { "vulnerability": "VCID-yy95-yypj-cqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.0-1" } ], "aliases": [ "CVE-2021-23984" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a2x3-x693-gqdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50225?format=api", "vulnerability_id": "VCID-gjvm-8v8y-d7c5", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23982.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23982.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30514", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30563", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30423", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30492", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.305", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30424", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30447", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30953", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31128", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30944", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31002", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31031", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31038", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30994", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30949", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.3098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.3096", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30925", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30763", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30646", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942785", "reference_id": "1942785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942785" }, { "reference_url": "https://security.archlinux.org/AVG-1728", "reference_id": "AVG-1728", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1728" }, { "reference_url": "https://security.archlinux.org/AVG-1729", "reference_id": "AVG-1729", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1729" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10", "reference_id": "mfsa2021-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-11", "reference_id": "mfsa2021-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-12", "reference_id": "mfsa2021-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0989", "reference_id": "RHSA-2021:0989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0990", "reference_id": "RHSA-2021:0990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0991", "reference_id": "RHSA-2021:0991", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0991" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0992", "reference_id": "RHSA-2021:0992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0993", "reference_id": "RHSA-2021:0993", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0993" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0994", "reference_id": "RHSA-2021:0994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0995", "reference_id": "RHSA-2021:0995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0996", "reference_id": "RHSA-2021:0996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0996" }, { "reference_url": "https://usn.ubuntu.com/4893-1/", "reference_id": "USN-4893-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4893-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372135?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tmg-yvx8-5kdt" }, { "vulnerability": "VCID-7tj1-s8bv-e7hv" }, { "vulnerability": "VCID-un8e-mz4v-t7ea" }, { "vulnerability": "VCID-yy95-yypj-cqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.0-1" } ], "aliases": [ "CVE-2021-23982" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gjvm-8v8y-d7c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50224?format=api", "vulnerability_id": "VCID-kk9k-mpvr-7kh9", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23981.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23981.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58881", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58772", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58725", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58769", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58827", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58784", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.5881", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58662", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58746", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58735", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58787", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58794", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58813", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58795", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58775", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58808", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58812", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.5879", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58758", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942783", "reference_id": "1942783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942783" }, { "reference_url": "https://security.archlinux.org/AVG-1728", "reference_id": "AVG-1728", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1728" }, { "reference_url": "https://security.archlinux.org/AVG-1729", "reference_id": "AVG-1729", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1729" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10", "reference_id": "mfsa2021-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-11", "reference_id": "mfsa2021-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-12", "reference_id": "mfsa2021-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0989", "reference_id": "RHSA-2021:0989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0990", "reference_id": "RHSA-2021:0990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0991", "reference_id": "RHSA-2021:0991", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0991" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0992", "reference_id": "RHSA-2021:0992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0993", "reference_id": "RHSA-2021:0993", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0993" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0994", "reference_id": "RHSA-2021:0994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0995", "reference_id": "RHSA-2021:0995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0996", "reference_id": "RHSA-2021:0996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0996" }, { "reference_url": "https://usn.ubuntu.com/4893-1/", "reference_id": "USN-4893-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4893-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372135?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tmg-yvx8-5kdt" }, { "vulnerability": "VCID-7tj1-s8bv-e7hv" }, { "vulnerability": "VCID-un8e-mz4v-t7ea" }, { "vulnerability": "VCID-yy95-yypj-cqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.0-1" } ], "aliases": [ "CVE-2021-23981" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kk9k-mpvr-7kh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50230?format=api", "vulnerability_id": "VCID-uv8b-n94e-budc", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23987.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23987.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23987", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.4815", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48258", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48255", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48204", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48117", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.4818", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48206", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48187", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48224", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48244", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48196", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48252", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48246", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48271", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48257", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48309", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48303", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23987" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942787", "reference_id": "1942787", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942787" }, { "reference_url": "https://security.archlinux.org/AVG-1728", "reference_id": "AVG-1728", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1728" }, { "reference_url": "https://security.archlinux.org/AVG-1729", "reference_id": "AVG-1729", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1729" }, { "reference_url": "https://security.gentoo.org/glsa/202104-09", "reference_id": "GLSA-202104-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-09" }, { "reference_url": "https://security.gentoo.org/glsa/202104-10", "reference_id": "GLSA-202104-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10", "reference_id": "mfsa2021-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-11", "reference_id": "mfsa2021-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-12", "reference_id": "mfsa2021-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0989", "reference_id": "RHSA-2021:0989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0990", "reference_id": "RHSA-2021:0990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0991", "reference_id": "RHSA-2021:0991", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0991" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0992", "reference_id": "RHSA-2021:0992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0993", "reference_id": "RHSA-2021:0993", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0993" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0994", "reference_id": "RHSA-2021:0994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0995", "reference_id": "RHSA-2021:0995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0996", "reference_id": "RHSA-2021:0996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0996" }, { "reference_url": "https://usn.ubuntu.com/4893-1/", "reference_id": "USN-4893-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4893-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-1/", "reference_id": "USN-4995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-1/" }, { "reference_url": "https://usn.ubuntu.com/4995-2/", "reference_id": "USN-4995-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4995-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372135?format=api", "purl": "pkg:alpm/archlinux/thunderbird@78.9.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tmg-yvx8-5kdt" }, { "vulnerability": "VCID-7tj1-s8bv-e7hv" }, { "vulnerability": "VCID-un8e-mz4v-t7ea" }, { "vulnerability": "VCID-yy95-yypj-cqbh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.0-1" } ], "aliases": [ "CVE-2021-23987" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uv8b-n94e-budc" } ], "risk_score": "3.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@78.9.0-1" }