{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","type":"apk","namespace":"alpine","name":"thunderbird","version":"91.4.0-r0","qualifiers":{"arch":"armhf","distroversion":"v3.22","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"91.4.1-r0","latest_non_vulnerable_version":"128.5.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31147?format=json","vulnerability_id":"VCID-2vyc-yhw7-muea","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43546.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43546.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43546","reference_id":"","reference_type":"","scores":[{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58791","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58865","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62514","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63079","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63058","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63044","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63022","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63059","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63066","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63065","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.62974","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63025","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63041","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030115","reference_id":"2030115","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030115"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43546"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vyc-yhw7-muea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31143?format=json","vulnerability_id":"VCID-7458-uqdr-5fg7","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43541.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43541","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53783","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53829","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53802","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55222","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55272","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5531","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55314","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55292","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55229","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5525","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55248","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55298","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55299","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55311","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5529","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030111","reference_id":"2030111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030111"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43541"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7458-uqdr-5fg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31145?format=json","vulnerability_id":"VCID-bqyj-qnak-eydy","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43543.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43543.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43543","reference_id":"","reference_type":"","scores":[{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63791","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64197","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64156","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64157","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64128","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64165","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64176","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64164","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.6409","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.6414","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.69681","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030113","reference_id":"2030113","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030113"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43543"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqyj-qnak-eydy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31142?format=json","vulnerability_id":"VCID-qd4e-g5zv-1ucf","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43539.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43539","reference_id":"","reference_type":"","scores":[{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76663","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.7662","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76624","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76612","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76644","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.7665","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76522","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76527","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76555","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76537","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76569","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.7658","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76606","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00967","scoring_system":"epss","scoring_elements":"0.76585","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030110","reference_id":"2030110","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030110"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43539"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qd4e-g5zv-1ucf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31146?format=json","vulnerability_id":"VCID-rq11-qm9e-7ubk","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43545.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43545","reference_id":"","reference_type":"","scores":[{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45021","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46287","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46341","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46365","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46336","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46346","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46403","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.464","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46328","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46339","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46286","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69636","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69624","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030114","reference_id":"2030114","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030114"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43545"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rq11-qm9e-7ubk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31141?format=json","vulnerability_id":"VCID-utn7-mdgr-z7em","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43538.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43538.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43538","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50947","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51026","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51009","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51053","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51031","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50978","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50986","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50915","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50968","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50993","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50951","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51008","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51005","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51047","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030109","reference_id":"2030109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030109"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43538"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-utn7-mdgr-z7em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31139?format=json","vulnerability_id":"VCID-vc9x-hjtc-q3f1","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43536.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43536","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.65979","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66021","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68436","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68351","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.6839","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68403","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68382","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68428","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68433","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68302","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68353","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.6837","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68396","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68384","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030105","reference_id":"2030105","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030105"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43536"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vc9x-hjtc-q3f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31140?format=json","vulnerability_id":"VCID-xud3-4s7g-rkcv","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43537.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43537.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43537","reference_id":"","reference_type":"","scores":[{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67212","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67274","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.6725","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68321","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68276","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68287","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68267","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.6831","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68318","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68243","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68258","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68282","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.6827","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030106","reference_id":"2030106","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030106"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43537"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xud3-4s7g-rkcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31144?format=json","vulnerability_id":"VCID-yuex-f2ae-ffft","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43542.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43542.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43542","reference_id":"","reference_type":"","scores":[{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70094","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70121","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71094","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71014","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.70998","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71044","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71051","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71086","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71095","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.7095","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.70992","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.71007","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.7103","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030112","reference_id":"2030112","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030112"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5186-1/","reference_id":"USN-5186-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5186-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43542"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yuex-f2ae-ffft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31113?format=json","vulnerability_id":"VCID-z19z-zu3b-5khe","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4129.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4129.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4129","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52738","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52789","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52762","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54123","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54204","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54222","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54173","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54175","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54208","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54226","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54184","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55974","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55954","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55949","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030116","reference_id":"2030116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030116"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421","reference_id":"buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1393362%2C1736046%2C1736751%2C1737009%2C1739372%2C1739421"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2021-52/","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2021-52/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2021-53/","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2021-53/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2021-54/","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:56:25Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2021-54/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5013","reference_id":"RHSA-2021:5013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5014","reference_id":"RHSA-2021:5014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5015","reference_id":"RHSA-2021:5015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5016","reference_id":"RHSA-2021:5016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5017","reference_id":"RHSA-2021:5017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-4129"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z19z-zu3b-5khe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31136?format=json","vulnerability_id":"VCID-zr32-w34c-3ygt","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43528.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43528.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43528","reference_id":"","reference_type":"","scores":[{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74987","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75113","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75066","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75104","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75109","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.7499","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75019","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.74996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.7503","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75041","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75032","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75069","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75076","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030137","reference_id":"2030137","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030137"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5045","reference_id":"RHSA-2021:5045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5046","reference_id":"RHSA-2021:5046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5047","reference_id":"RHSA-2021:5047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5048","reference_id":"RHSA-2021:5048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5055","reference_id":"RHSA-2021:5055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5055"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434421?format=json","purl":"pkg:apk/alpine/thunderbird@91.4.0-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2021-43528"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zr32-w34c-3ygt"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.4.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}