{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","type":"apk","namespace":"alpine","name":"thunderbird","version":"91.6.0-r0","qualifiers":{"arch":"ppc64le","distroversion":"edge","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"91.6.2-r0","latest_non_vulnerable_version":"128.5.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31171?format=json","vulnerability_id":"VCID-89kx-fdvr-73cs","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22754.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22754.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22754","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09152","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09122","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09043","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0907","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09001","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09106","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09121","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053236","reference_id":"2053236","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053236"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-04/","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:44:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:44:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:44:24Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0510","reference_id":"RHSA-2022:0510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0511","reference_id":"RHSA-2022:0511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0512","reference_id":"RHSA-2022:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0513","reference_id":"RHSA-2022:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0514","reference_id":"RHSA-2022:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0535","reference_id":"RHSA-2022:0535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0536","reference_id":"RHSA-2022:0536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0537","reference_id":"RHSA-2022:0537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0538","reference_id":"RHSA-2022:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0539","reference_id":"RHSA-2022:0539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0539"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1750565","reference_id":"show_bug.cgi?id=1750565","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:44:24Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1750565"},{"reference_url":"https://usn.ubuntu.com/5284-1/","reference_id":"USN-5284-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5284-1/"},{"reference_url":"https://usn.ubuntu.com/5345-1/","reference_id":"USN-5345-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5345-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}],"aliases":["CVE-2022-22754"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-89kx-fdvr-73cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31179?format=json","vulnerability_id":"VCID-eyrw-5dmv-pqfe","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22764.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22764","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47042","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47065","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47041","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47044","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.4699","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47023","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47101","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47038","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053243","reference_id":"2053243","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053243"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1742682%2C1744165%2C1746545%2C1748210%2C1748279","reference_id":"buglist.cgi?bug_id=1742682%2C1744165%2C1746545%2C1748210%2C1748279","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:28:33Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1742682%2C1744165%2C1746545%2C1748210%2C1748279"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-04/","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:28:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:28:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:28:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0510","reference_id":"RHSA-2022:0510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0511","reference_id":"RHSA-2022:0511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0512","reference_id":"RHSA-2022:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0513","reference_id":"RHSA-2022:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0514","reference_id":"RHSA-2022:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0535","reference_id":"RHSA-2022:0535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0536","reference_id":"RHSA-2022:0536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0537","reference_id":"RHSA-2022:0537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0538","reference_id":"RHSA-2022:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0539","reference_id":"RHSA-2022:0539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0539"},{"reference_url":"https://usn.ubuntu.com/5284-1/","reference_id":"USN-5284-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5284-1/"},{"reference_url":"https://usn.ubuntu.com/5345-1/","reference_id":"USN-5345-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5345-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}],"aliases":["CVE-2022-22764"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyrw-5dmv-pqfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31174?format=json","vulnerability_id":"VCID-fa1y-hpcb-27gj","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22760.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22760","reference_id":"","reference_type":"","scores":[{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43451","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43392","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43389","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43407","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.4342","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43406","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43416","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43355","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053238","reference_id":"2053238","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053238"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-04/","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0510","reference_id":"RHSA-2022:0510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0511","reference_id":"RHSA-2022:0511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0512","reference_id":"RHSA-2022:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0513","reference_id":"RHSA-2022:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0514","reference_id":"RHSA-2022:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0535","reference_id":"RHSA-2022:0535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0536","reference_id":"RHSA-2022:0536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0537","reference_id":"RHSA-2022:0537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0538","reference_id":"RHSA-2022:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0539","reference_id":"RHSA-2022:0539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0539"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1740985","reference_id":"show_bug.cgi?id=1740985","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1740985"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1748503","reference_id":"show_bug.cgi?id=1748503","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:35:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1748503"},{"reference_url":"https://usn.ubuntu.com/5284-1/","reference_id":"USN-5284-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5284-1/"},{"reference_url":"https://usn.ubuntu.com/5345-1/","reference_id":"USN-5345-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5345-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}],"aliases":["CVE-2022-22760"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fa1y-hpcb-27gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31177?format=json","vulnerability_id":"VCID-jj6t-1q5f-uyez","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22763.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22763","reference_id":"","reference_type":"","scores":[{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62506","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62559","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62541","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62525","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62473","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62474","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62566","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62548","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053240","reference_id":"2053240","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053240"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:29:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:29:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:29:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0510","reference_id":"RHSA-2022:0510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0511","reference_id":"RHSA-2022:0511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0512","reference_id":"RHSA-2022:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0513","reference_id":"RHSA-2022:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0514","reference_id":"RHSA-2022:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0535","reference_id":"RHSA-2022:0535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0536","reference_id":"RHSA-2022:0536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0537","reference_id":"RHSA-2022:0537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0538","reference_id":"RHSA-2022:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0539","reference_id":"RHSA-2022:0539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0539"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1740534","reference_id":"show_bug.cgi?id=1740534","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:29:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1740534"},{"reference_url":"https://usn.ubuntu.com/5345-1/","reference_id":"USN-5345-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5345-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}],"aliases":["CVE-2022-22763"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jj6t-1q5f-uyez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31176?format=json","vulnerability_id":"VCID-kpk1-e652-nkfa","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22761.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22761","reference_id":"","reference_type":"","scores":[{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51446","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51499","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51457","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51459","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51419","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51508","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51465","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51478","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053239","reference_id":"2053239","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053239"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-04/","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:33:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:33:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:33:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0510","reference_id":"RHSA-2022:0510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0511","reference_id":"RHSA-2022:0511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0512","reference_id":"RHSA-2022:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0513","reference_id":"RHSA-2022:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0514","reference_id":"RHSA-2022:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0535","reference_id":"RHSA-2022:0535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0536","reference_id":"RHSA-2022:0536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0537","reference_id":"RHSA-2022:0537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0538","reference_id":"RHSA-2022:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0539","reference_id":"RHSA-2022:0539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0539"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1745566","reference_id":"show_bug.cgi?id=1745566","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:33:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1745566"},{"reference_url":"https://usn.ubuntu.com/5284-1/","reference_id":"USN-5284-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5284-1/"},{"reference_url":"https://usn.ubuntu.com/5345-1/","reference_id":"USN-5345-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5345-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}],"aliases":["CVE-2022-22761"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kpk1-e652-nkfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35228?format=json","vulnerability_id":"VCID-mqte-f1hw-2ya5","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22753","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61374","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61427","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61405","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6139","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61343","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61431","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61393","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61412","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053241","reference_id":"2053241","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053241"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-04/","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1732435","reference_id":"show_bug.cgi?id=1732435","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1732435"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}],"aliases":["CVE-2022-22753"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqte-f1hw-2ya5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31172?format=json","vulnerability_id":"VCID-q4bf-vh36-kye9","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22756.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22756.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22756","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50354","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.5039","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50348","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50355","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50302","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50325","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50397","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50352","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50366","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053237","reference_id":"2053237","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053237"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-04/","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0510","reference_id":"RHSA-2022:0510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0511","reference_id":"RHSA-2022:0511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0512","reference_id":"RHSA-2022:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0513","reference_id":"RHSA-2022:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0514","reference_id":"RHSA-2022:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0535","reference_id":"RHSA-2022:0535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0536","reference_id":"RHSA-2022:0536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0537","reference_id":"RHSA-2022:0537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0538","reference_id":"RHSA-2022:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0539","reference_id":"RHSA-2022:0539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0539"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317873","reference_id":"show_bug.cgi?id=1317873","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:37:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1317873"},{"reference_url":"https://usn.ubuntu.com/5284-1/","reference_id":"USN-5284-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5284-1/"},{"reference_url":"https://usn.ubuntu.com/5345-1/","reference_id":"USN-5345-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5345-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}],"aliases":["CVE-2022-22756"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4bf-vh36-kye9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31173?format=json","vulnerability_id":"VCID-y12a-2bn1-vkdz","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22759.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22759.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22759","reference_id":"","reference_type":"","scores":[{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49909","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49925","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49907","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49914","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49859","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.4988","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49944","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49898","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49897","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053242","reference_id":"2053242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053242"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-04/","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:36:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:36:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:36:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0510","reference_id":"RHSA-2022:0510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0511","reference_id":"RHSA-2022:0511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0512","reference_id":"RHSA-2022:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0513","reference_id":"RHSA-2022:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0514","reference_id":"RHSA-2022:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0535","reference_id":"RHSA-2022:0535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0536","reference_id":"RHSA-2022:0536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0537","reference_id":"RHSA-2022:0537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0538","reference_id":"RHSA-2022:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0539","reference_id":"RHSA-2022:0539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0539"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1739957","reference_id":"show_bug.cgi?id=1739957","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:36:47Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1739957"},{"reference_url":"https://usn.ubuntu.com/5284-1/","reference_id":"USN-5284-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5284-1/"},{"reference_url":"https://usn.ubuntu.com/5345-1/","reference_id":"USN-5345-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5345-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/445550?format=json","purl":"pkg:apk/alpine/thunderbird@91.6.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}],"aliases":["CVE-2022-22759"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y12a-2bn1-vkdz"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/thunderbird@91.6.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"}