{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","type":"deb","namespace":"debian","name":"thunderbird","version":"1:78.14.0-1~deb10u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:91.12.0-1~deb10u1","latest_non_vulnerable_version":"1:91.12.0-1~deb10u1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1303?format=json","vulnerability_id":"VCID-1bt3-9xbp-3ugu","summary":"An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43537"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bt3-9xbp-3ugu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1723?format=json","vulnerability_id":"VCID-1nmu-sdab-2yhh","summary":"If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-2200"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1nmu-sdab-2yhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1833?format=json","vulnerability_id":"VCID-1rhs-t2kk-pyh5","summary":"Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22737"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1rhs-t2kk-pyh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1855?format=json","vulnerability_id":"VCID-25bh-n5g8-w7fz","summary":"An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2728","reference_id":"AVG-2728","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2728"},{"reference_url":"https://security.archlinux.org/AVG-2729","reference_id":"AVG-2729","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2729"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-19","reference_id":"mfsa2022-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-19"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-1529"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-25bh-n5g8-w7fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1710?format=json","vulnerability_id":"VCID-38br-a5x4-ska5","summary":"Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917"},{"reference_url":"https://security.archlinux.org/AVG-2709","reference_id":"AVG-2709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2709"},{"reference_url":"https://security.archlinux.org/AVG-2710","reference_id":"AVG-2710","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16","reference_id":"mfsa2022-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17","reference_id":"mfsa2022-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18","reference_id":"mfsa2022-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-29916"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-38br-a5x4-ska5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1766?format=json","vulnerability_id":"VCID-3qt5-w1we-67hp","summary":"When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2711","reference_id":"AVG-2711","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2711"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13","reference_id":"mfsa2022-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14","reference_id":"mfsa2022-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-28285"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3qt5-w1we-67hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1721?format=json","vulnerability_id":"VCID-3xnh-sesb-bfbv","summary":"If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-34472"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3xnh-sesb-bfbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1289?format=json","vulnerability_id":"VCID-473a-9b6z-bufs","summary":"The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80.  However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as same-origin with HTTP.  This was resolved by disabling the Opportunistic Encryption feature, which had low usage.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38507"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-473a-9b6z-bufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1832?format=json","vulnerability_id":"VCID-49pe-xh4r-uqab","summary":"Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22738"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-49pe-xh4r-uqab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1707?format=json","vulnerability_id":"VCID-4dx9-1499-gqcz","summary":"Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users.  This behavior was reverted to the original, user-specific directory. *This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.*","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387"},{"reference_url":"https://security.archlinux.org/AVG-2713","reference_id":"AVG-2713","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2713"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11","reference_id":"mfsa2022-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12","reference_id":"mfsa2022-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-26386"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4dx9-1499-gqcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1711?format=json","vulnerability_id":"VCID-4xhj-hee5-9qes","summary":"An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917"},{"reference_url":"https://security.archlinux.org/AVG-2709","reference_id":"AVG-2709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2709"},{"reference_url":"https://security.archlinux.org/AVG-2710","reference_id":"AVG-2710","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16","reference_id":"mfsa2022-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17","reference_id":"mfsa2022-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18","reference_id":"mfsa2022-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-29911"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4xhj-hee5-9qes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1374?format=json","vulnerability_id":"VCID-6drt-9b2u-m3hh","summary":"Thunderbird unexpectedly enabled JavaScript in the composition area.\nThe JavaScript execution context was limited to this area and did not\nreceive chrome-level privileges, but could be used as a stepping stone\nto further an attack with other vulnerabilities.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43528"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6drt-9b2u-m3hh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1760?format=json","vulnerability_id":"VCID-6k79-gy9s-33h4","summary":"Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22764"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6k79-gy9s-33h4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1309?format=json","vulnerability_id":"VCID-6krg-whdf-sbfp","summary":"Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43542"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6krg-whdf-sbfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1328?format=json","vulnerability_id":"VCID-6mx3-erwd-9fb6","summary":"When receiving an OpenPGP/MIME signed email message that contains an\nadditional outer MIME message layer, for example a message footer added by a\nmailing list gateway, Thunderbird only considered the inner signed message for\nthe signature validity. This gave the false impression that the additional contents\nwere also covered by the digital signature. Starting with Thunderbird version 91.4.1,\nonly the signature that belongs to the top level MIME part will be considered for\nthe displayed status.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-55","reference_id":"mfsa2021-55","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-55"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-4126"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6mx3-erwd-9fb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1717?format=json","vulnerability_id":"VCID-6yc1-jutk-1fcz","summary":"Session history navigations may have led to a use-after-free and potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-34470"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6yc1-jutk-1fcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1786?format=json","vulnerability_id":"VCID-7juy-9d9m-q3ak","summary":"Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2760","reference_id":"AVG-2760","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2760"},{"reference_url":"https://security.archlinux.org/AVG-2761","reference_id":"AVG-2761","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2761"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-31747"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7juy-9d9m-q3ak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1292?format=json","vulnerability_id":"VCID-7s6p-8cx2-bybs","summary":"Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38509"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s6p-8cx2-bybs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1797?format=json","vulnerability_id":"VCID-8mx3-68nj-wkhc","summary":"Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09","reference_id":"mfsa2022-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-26485"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8mx3-68nj-wkhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1784?format=json","vulnerability_id":"VCID-8pg7-szzq-mqc6","summary":"A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2760","reference_id":"AVG-2760","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2760"},{"reference_url":"https://security.archlinux.org/AVG-2761","reference_id":"AVG-2761","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2761"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-31741"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8pg7-szzq-mqc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1764?format=json","vulnerability_id":"VCID-8sqq-nnpq-pkc2","summary":"After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14","reference_id":"mfsa2022-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-1196"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8sqq-nnpq-pkc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1724?format=json","vulnerability_id":"VCID-8th2-q8wd-tyec","summary":"The Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-34484"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8th2-q8wd-tyec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1290?format=json","vulnerability_id":"VCID-8x8f-1u2g-subu","summary":"A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43","reference_id":"mfsa2021-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43535"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8x8f-1u2g-subu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1771?format=json","vulnerability_id":"VCID-8xck-dpza-gbaj","summary":"It may be possible for an attacker to craft an email message that\ncauses Thunderbird to perform an out-of-bounds write of one byte when\nprocessing the message.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0566"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-07","reference_id":"mfsa2022-07","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-0566"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xck-dpza-gbaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1846?format=json","vulnerability_id":"VCID-9ecm-dv8p-7ydz","summary":"When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917"},{"reference_url":"https://security.archlinux.org/AVG-2710","reference_id":"AVG-2710","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18","reference_id":"mfsa2022-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-1520"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ecm-dv8p-7ydz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1754?format=json","vulnerability_id":"VCID-9nc3-6nbk-cqgs","summary":"If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22754"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9nc3-6nbk-cqgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1294?format=json","vulnerability_id":"VCID-awaj-87fh-hbfj","summary":"Mozilla developers and community members Christian Holler, Valentin Gosu, and Andrew McCreight reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43534"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-awaj-87fh-hbfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1312?format=json","vulnerability_id":"VCID-b4nd-9kkf-guhe","summary":"Using the Location API in a loop could have caused severe application hangs and crashes.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43545"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4nd-9kkf-guhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1285?format=json","vulnerability_id":"VCID-bnuz-8g1t-ybc2","summary":"The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38503"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bnuz-8g1t-ybc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1762?format=json","vulnerability_id":"VCID-bv8a-p6r5-17cz","summary":"If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2711","reference_id":"AVG-2711","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2711"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13","reference_id":"mfsa2022-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14","reference_id":"mfsa2022-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-28281"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8a-p6r5-17cz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1785?format=json","vulnerability_id":"VCID-bvhn-6mnr-vyas","summary":"An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles.  This could have led to cross-origin account linking in violation of WebAuthn goals.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2760","reference_id":"AVG-2760","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2760"},{"reference_url":"https://security.archlinux.org/AVG-2761","reference_id":"AVG-2761","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2761"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-31742"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvhn-6mnr-vyas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1305?format=json","vulnerability_id":"VCID-c8kq-mxnk-rugf","summary":"Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43539"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8kq-mxnk-rugf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1715?format=json","vulnerability_id":"VCID-cbtq-agxw-57f7","summary":"When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-28","reference_id":"mfsa2022-28","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-29","reference_id":"mfsa2022-29","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-30","reference_id":"mfsa2022-30","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-30"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-31","reference_id":"mfsa2022-31","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-31"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-32","reference_id":"mfsa2022-32","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-36318"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbtq-agxw-57f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1719?format=json","vulnerability_id":"VCID-ceu2-6hth-pqhp","summary":"In the nsTArray_Impl::ReplaceElementsAt() function, an integer overflow could have occurred when the number of elements to replace was too large for the container.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-34481"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ceu2-6hth-pqhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1837?format=json","vulnerability_id":"VCID-ceyf-44hp-4yas","summary":"Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22748"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ceyf-44hp-4yas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1300?format=json","vulnerability_id":"VCID-cjrw-f991-e7fr","summary":"Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Thunderbird 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/AVG-2443","reference_id":"AVG-2443","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2443"},{"reference_url":"https://security.archlinux.org/AVG-2459","reference_id":"AVG-2459","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2459"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43","reference_id":"mfsa2021-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-44","reference_id":"mfsa2021-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-44"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45","reference_id":"mfsa2021-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47","reference_id":"mfsa2021-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38500"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjrw-f991-e7fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1780?format=json","vulnerability_id":"VCID-cz8b-p2t3-ebgy","summary":"A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2760","reference_id":"AVG-2760","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2760"},{"reference_url":"https://security.archlinux.org/AVG-2761","reference_id":"AVG-2761","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2761"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-31737"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cz8b-p2t3-ebgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1286?format=json","vulnerability_id":"VCID-d78u-x2t8-vkfg","summary":"When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38504"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d78u-x2t8-vkfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1379?format=json","vulnerability_id":"VCID-d87g-azms-gqbm","summary":"Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.Note: This advisory was added on January 17, 2023 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Thunderbird 91.3.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43529"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d87g-azms-gqbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1720?format=json","vulnerability_id":"VCID-dgm8-wwst-kbe2","summary":"An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://security.archlinux.org/AVG-2760","reference_id":"AVG-2760","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2760"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-31744"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dgm8-wwst-kbe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1704?format=json","vulnerability_id":"VCID-dh5x-c794-tqbw","summary":"If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387"},{"reference_url":"https://security.archlinux.org/AVG-2713","reference_id":"AVG-2713","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2713"},{"reference_url":"https://security.archlinux.org/AVG-2714","reference_id":"AVG-2714","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2714"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-10","reference_id":"mfsa2022-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11","reference_id":"mfsa2022-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12","reference_id":"mfsa2022-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-26384"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5x-c794-tqbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1769?format=json","vulnerability_id":"VCID-du9t-tmex-akfm","summary":"Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2711","reference_id":"AVG-2711","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2711"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13","reference_id":"mfsa2022-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14","reference_id":"mfsa2022-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-28289"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-du9t-tmex-akfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1770?format=json","vulnerability_id":"VCID-et8w-z5dr-ryaz","summary":"An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email's date will be shown. If the dates were different, then Thunderbird didn't report the email as having an invalid signature. If an attacker performed a replay attack, in which an old email with old contents are resent at a later time, it could lead the victim to believe that the statements in the email are current. Fixed versions of Thunderbird will require that the signature's date roughly matches the displayed date of the email.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-2226"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-et8w-z5dr-ryaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1712?format=json","vulnerability_id":"VCID-f31y-6u4c-t3a9","summary":"Requests initiated through reader mode did not properly omit cookies with a SameSite attribute.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917"},{"reference_url":"https://security.archlinux.org/AVG-2709","reference_id":"AVG-2709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2709"},{"reference_url":"https://security.archlinux.org/AVG-2710","reference_id":"AVG-2710","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16","reference_id":"mfsa2022-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17","reference_id":"mfsa2022-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18","reference_id":"mfsa2022-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-29912"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f31y-6u4c-t3a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1781?format=json","vulnerability_id":"VCID-f9nt-79kq-6kbf","summary":"When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2760","reference_id":"AVG-2760","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2760"},{"reference_url":"https://security.archlinux.org/AVG-2761","reference_id":"AVG-2761","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2761"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-31738"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f9nt-79kq-6kbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1705?format=json","vulnerability_id":"VCID-fn1d-vq36-mkeu","summary":"When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387"},{"reference_url":"https://security.archlinux.org/AVG-2713","reference_id":"AVG-2713","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2713"},{"reference_url":"https://security.archlinux.org/AVG-2714","reference_id":"AVG-2714","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2714"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-10","reference_id":"mfsa2022-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11","reference_id":"mfsa2022-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12","reference_id":"mfsa2022-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-26387"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1d-vq36-mkeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1830?format=json","vulnerability_id":"VCID-g79j-7c7e-tqgt","summary":"When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22741"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g79j-7c7e-tqgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1767?format=json","vulnerability_id":"VCID-gphr-qsyj-63gz","summary":"Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2711","reference_id":"AVG-2711","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2711"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13","reference_id":"mfsa2022-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14","reference_id":"mfsa2022-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-28286"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gphr-qsyj-63gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1854?format=json","vulnerability_id":"VCID-gtat-vu5d-7qgu","summary":"If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2728","reference_id":"AVG-2728","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2728"},{"reference_url":"https://security.archlinux.org/AVG-2729","reference_id":"AVG-2729","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2729"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-19","reference_id":"mfsa2022-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-19"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-1802"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gtat-vu5d-7qgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1313?format=json","vulnerability_id":"VCID-gu45-bq8y-wude","summary":"It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43546"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gu45-bq8y-wude"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1763?format=json","vulnerability_id":"VCID-h4xg-mvnj-fbd6","summary":"When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a revocation reason, were unaffected.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-1197"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4xg-mvnj-fbd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1755?format=json","vulnerability_id":"VCID-h7ha-a8cy-xber","summary":"If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22756"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7ha-a8cy-xber"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1758?format=json","vulnerability_id":"VCID-hg2h-8qks-y3df","summary":"Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22761"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hg2h-8qks-y3df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1779?format=json","vulnerability_id":"VCID-hgcq-j17a-73g2","summary":"A malicious website could have learned the size of a cross-origin resource that supported Range requests.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2760","reference_id":"AVG-2760","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2760"},{"reference_url":"https://security.archlinux.org/AVG-2761","reference_id":"AVG-2761","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2761"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-31736"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hgcq-j17a-73g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1713?format=json","vulnerability_id":"VCID-jf7m-tfa7-rkf1","summary":"Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917"},{"reference_url":"https://security.archlinux.org/AVG-2709","reference_id":"AVG-2709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2709"},{"reference_url":"https://security.archlinux.org/AVG-2710","reference_id":"AVG-2710","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16","reference_id":"mfsa2022-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17","reference_id":"mfsa2022-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18","reference_id":"mfsa2022-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-29917"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jf7m-tfa7-rkf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1831?format=json","vulnerability_id":"VCID-k2j6-9g1f-5fh7","summary":"Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22740"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k2j6-9g1f-5fh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1812?format=json","vulnerability_id":"VCID-kgd7-w1fh-juaq","summary":"When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://security.archlinux.org/AVG-2761","reference_id":"AVG-2761","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2761"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-1834"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgd7-w1fh-juaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1708?format=json","vulnerability_id":"VCID-mdqf-k97m-h3hx","summary":"When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917"},{"reference_url":"https://security.archlinux.org/AVG-2709","reference_id":"AVG-2709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2709"},{"reference_url":"https://security.archlinux.org/AVG-2710","reference_id":"AVG-2710","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16","reference_id":"mfsa2022-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17","reference_id":"mfsa2022-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18","reference_id":"mfsa2022-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-29914"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mdqf-k97m-h3hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1798?format=json","vulnerability_id":"VCID-me5q-nc1u-nudh","summary":"An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape.  We have had reports of attacks in the wild abusing this flaw.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09","reference_id":"mfsa2022-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-26486"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-me5q-nc1u-nudh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1714?format=json","vulnerability_id":"VCID-mu7w-p8w8-hbfr","summary":"When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-28","reference_id":"mfsa2022-28","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-29","reference_id":"mfsa2022-29","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-30","reference_id":"mfsa2022-30","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-30"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-31","reference_id":"mfsa2022-31","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-31"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-32","reference_id":"mfsa2022-32","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-36319"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mu7w-p8w8-hbfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1308?format=json","vulnerability_id":"VCID-mua8-1ggh-r7dr","summary":"When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43541"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mua8-1ggh-r7dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1295?format=json","vulnerability_id":"VCID-n78y-94vg-6kek","summary":"Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/AVG-2459","reference_id":"AVG-2459","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2459"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47","reference_id":"mfsa2021-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38502"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n78y-94vg-6kek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1310?format=json","vulnerability_id":"VCID-ncap-puz5-x7hj","summary":"Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43543"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ncap-puz5-x7hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1768?format=json","vulnerability_id":"VCID-nm7b-hwnd-eud6","summary":"The rust regex crate did not properly prevent crafted regular expressions from taking an arbitrary amount of time during parsing. If an attacker was able to supply input to this crate, they could have caused a denial of service in the browser.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2711","reference_id":"AVG-2711","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2711"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13","reference_id":"mfsa2022-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14","reference_id":"mfsa2022-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-24713"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nm7b-hwnd-eud6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1838?format=json","vulnerability_id":"VCID-nmh5-vmqu-v7au","summary":"Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22745"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmh5-vmqu-v7au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1756?format=json","vulnerability_id":"VCID-ntuu-tveg-fbht","summary":"If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22759"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntuu-tveg-fbht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1765?format=json","vulnerability_id":"VCID-nwsq-gzra-v3b4","summary":"By using a link with rel=\"localization\" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2711","reference_id":"AVG-2711","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2711"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13","reference_id":"mfsa2022-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14","reference_id":"mfsa2022-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-28282"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwsq-gzra-v3b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1304?format=json","vulnerability_id":"VCID-pbb1-awzh-1ub2","summary":"By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43538"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbb1-awzh-1ub2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1847?format=json","vulnerability_id":"VCID-ptyd-s7mf-97dt","summary":"The parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917"},{"reference_url":"https://security.archlinux.org/AVG-2710","reference_id":"AVG-2710","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18","reference_id":"mfsa2022-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-29913"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptyd-s7mf-97dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1829?format=json","vulnerability_id":"VCID-rasy-rzuh-bybu","summary":"When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22742"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rasy-rzuh-bybu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1757?format=json","vulnerability_id":"VCID-rhs1-h4t5-qfhn","summary":"When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses.  This could have been abused to learn information cross-origin.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22760"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhs1-h4t5-qfhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1842?format=json","vulnerability_id":"VCID-s15k-b9am-r7dv","summary":"Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22739"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s15k-b9am-r7dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1706?format=json","vulnerability_id":"VCID-s1bx-3697-jqeq","summary":"An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387"},{"reference_url":"https://security.archlinux.org/AVG-2713","reference_id":"AVG-2713","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2713"},{"reference_url":"https://security.archlinux.org/AVG-2714","reference_id":"AVG-2714","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2714"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-10","reference_id":"mfsa2022-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11","reference_id":"mfsa2022-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12","reference_id":"mfsa2022-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-26381"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s1bx-3697-jqeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1828?format=json","vulnerability_id":"VCID-stux-gscm-skgj","summary":"When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22743"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-stux-gscm-skgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1709?format=json","vulnerability_id":"VCID-sze6-7w2j-5qgx","summary":"Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917"},{"reference_url":"https://security.archlinux.org/AVG-2709","reference_id":"AVG-2709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2709"},{"reference_url":"https://security.archlinux.org/AVG-2710","reference_id":"AVG-2710","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2710"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16","reference_id":"mfsa2022-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17","reference_id":"mfsa2022-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18","reference_id":"mfsa2022-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-29909"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sze6-7w2j-5qgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1759?format=json","vulnerability_id":"VCID-t6x1-8n3e-13cp","summary":"When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22763"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t6x1-8n3e-13cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1716?format=json","vulnerability_id":"VCID-u2rj-qhkw-uqgf","summary":"A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks.  *This bug only affects Firefox for Linux. Other operating systems are unaffected.*","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-34479"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u2rj-qhkw-uqgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1291?format=json","vulnerability_id":"VCID-unnb-hcmb-tqep","summary":"By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38508"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-unnb-hcmb-tqep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1296?format=json","vulnerability_id":"VCID-v22e-ctub-efbx","summary":"During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/AVG-2443","reference_id":"AVG-2443","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2443"},{"reference_url":"https://security.archlinux.org/AVG-2459","reference_id":"AVG-2459","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2459"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43","reference_id":"mfsa2021-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-44","reference_id":"mfsa2021-44","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-44"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45","reference_id":"mfsa2021-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47","reference_id":"mfsa2021-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38496"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v22e-ctub-efbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1703?format=json","vulnerability_id":"VCID-vbwy-936q-27fd","summary":"When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387"},{"reference_url":"https://security.archlinux.org/AVG-2713","reference_id":"AVG-2713","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2713"},{"reference_url":"https://security.archlinux.org/AVG-2714","reference_id":"AVG-2714","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2714"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-10","reference_id":"mfsa2022-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11","reference_id":"mfsa2022-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12","reference_id":"mfsa2022-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-26383"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbwy-936q-27fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1718?format=json","vulnerability_id":"VCID-vgjr-7typ-j7dm","summary":"An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-34468"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgjr-7typ-j7dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1288?format=json","vulnerability_id":"VCID-w3cg-uv84-q3g5","summary":"Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-38506"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w3cg-uv84-q3g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1840?format=json","vulnerability_id":"VCID-wfu5-qgs8-13ht","summary":"After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22747"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wfu5-qgs8-13ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1302?format=json","vulnerability_id":"VCID-xdkv-a1r9-puc9","summary":"Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://security.archlinux.org/ASA-202112-8","reference_id":"ASA-202112-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-8"},{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2606","reference_id":"AVG-2606","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2606"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-43536"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xdkv-a1r9-puc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1843?format=json","vulnerability_id":"VCID-xnm6-t57z-nbde","summary":"Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-22751"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xnm6-t57z-nbde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1783?format=json","vulnerability_id":"VCID-xv8k-7bdk-wffg","summary":"On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-31740"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xv8k-7bdk-wffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1314?format=json","vulnerability_id":"VCID-yfmn-xrkm-dycf","summary":"Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52","reference_id":"mfsa2021-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-52"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53","reference_id":"mfsa2021-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-53"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-4129"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfmn-xrkm-dycf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1329?format=json","vulnerability_id":"VCID-ywbj-pvzd-77f5","summary":"Thunderbird users who use the Matrix chat protocol were vulnerable\nto a buffer overflow in libolm, that an attacker may trigger by a crafted\nsequence of  messages. The overflow content is partially controllable\nby the attacker and limited to ASCII spaces and digits.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://gitlab.matrix.org/matrix-org/olm/-/tags","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.matrix.org/matrix-org/olm/-/tags"},{"reference_url":"https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk","reference_id":"","reference_type":"","scores":[],"url":"https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk"},{"reference_url":"https://security.archlinux.org/AVG-2638","reference_id":"AVG-2638","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2638"},{"reference_url":"https://security.archlinux.org/AVG-2639","reference_id":"AVG-2639","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2639"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44538","reference_id":"CVE-2021-44538","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44538"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-55","reference_id":"mfsa2021-55","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-55"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-44538"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ywbj-pvzd-77f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1834?format=json","vulnerability_id":"VCID-za4p-xx3x-27c4","summary":"It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2021-4140"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-za4p-xx3x-27c4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1761?format=json","vulnerability_id":"VCID-zhwx-775r-t7fy","summary":"NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289"},{"reference_url":"https://security.archlinux.org/AVG-2711","reference_id":"AVG-2711","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2711"},{"reference_url":"https://security.archlinux.org/AVG-2712","reference_id":"AVG-2712","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2712"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13","reference_id":"mfsa2022-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14","reference_id":"mfsa2022-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15","reference_id":"mfsa2022-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5166?format=json","purl":"pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:91.12.0-1~deb10u1"}],"aliases":["CVE-2022-1097"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhwx-775r-t7fy"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1273?format=json","vulnerability_id":"VCID-1cnr-28vc-sqcy","summary":"Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29980"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1cnr-28vc-sqcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1259?format=json","vulnerability_id":"VCID-1h7r-rcqz-abay","summary":"The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash.\n*Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15","reference_id":"mfsa2021-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16","reference_id":"mfsa2021-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29945"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1h7r-rcqz-abay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1353?format=json","vulnerability_id":"VCID-3fws-ejra-mfa8","summary":"An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11","reference_id":"mfsa2021-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12","reference_id":"mfsa2021-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-4127"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3fws-ejra-mfa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1253?format=json","vulnerability_id":"VCID-5fw4-9nf9-h3d7","summary":"A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://security.archlinux.org/ASA-202104-3","reference_id":"ASA-202104-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-3"},{"reference_url":"https://security.archlinux.org/ASA-202104-4","reference_id":"ASA-202104-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-4"},{"reference_url":"https://security.archlinux.org/AVG-1834","reference_id":"AVG-1834","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1834"},{"reference_url":"https://security.archlinux.org/AVG-1836","reference_id":"AVG-1836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1836"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15","reference_id":"mfsa2021-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16","reference_id":"mfsa2021-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23994"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5fw4-9nf9-h3d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1270?format=json","vulnerability_id":"VCID-5h5r-wcta-a7au","summary":"A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.*","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29986"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5h5r-wcta-a7au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1372?format=json","vulnerability_id":"VCID-65qx-jkez-8fgd","summary":"If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-22","reference_id":"mfsa2021-22","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29957"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-65qx-jkez-8fgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1257?format=json","vulnerability_id":"VCID-7ex1-ufcv-5yg8","summary":"If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://security.archlinux.org/ASA-202104-3","reference_id":"ASA-202104-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-3"},{"reference_url":"https://security.archlinux.org/ASA-202104-4","reference_id":"ASA-202104-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-4"},{"reference_url":"https://security.archlinux.org/AVG-1834","reference_id":"AVG-1834","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1834"},{"reference_url":"https://security.archlinux.org/AVG-1836","reference_id":"AVG-1836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1836"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15","reference_id":"mfsa2021-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16","reference_id":"mfsa2021-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23999"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ex1-ufcv-5yg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1260?format=json","vulnerability_id":"VCID-7nqh-truu-7khb","summary":"Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://security.archlinux.org/ASA-202104-3","reference_id":"ASA-202104-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-3"},{"reference_url":"https://security.archlinux.org/ASA-202104-4","reference_id":"ASA-202104-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-4"},{"reference_url":"https://security.archlinux.org/AVG-1834","reference_id":"AVG-1834","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1834"},{"reference_url":"https://security.archlinux.org/AVG-1836","reference_id":"AVG-1836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1836"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15","reference_id":"mfsa2021-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16","reference_id":"mfsa2021-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29946"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7nqh-truu-7khb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1275?format=json","vulnerability_id":"VCID-918z-26zm-67hc","summary":"Mozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar, and Olli Pettay reported memory safety bugs present in Thunderbird 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29989"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-918z-26zm-67hc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1327?format=json","vulnerability_id":"VCID-ab23-e5u8-ykck","summary":"Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://security.archlinux.org/ASA-202104-4","reference_id":"ASA-202104-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-4"},{"reference_url":"https://security.archlinux.org/AVG-1836","reference_id":"AVG-1836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1836"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29948"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ab23-e5u8-ykck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1351?format=json","vulnerability_id":"VCID-d33d-6x1s-kyfp","summary":"An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13","reference_id":"mfsa2021-13","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23993"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d33d-6x1s-kyfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1345?format=json","vulnerability_id":"VCID-dvbc-un9c-dka7","summary":"Mozilla developers and community members Matthew Gregan, Tyson Smith, Julien Wajsberg, and Alexis Beingessner reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127"},{"reference_url":"https://security.archlinux.org/AVG-1728","reference_id":"AVG-1728","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1728"},{"reference_url":"https://security.archlinux.org/AVG-1729","reference_id":"AVG-1729","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1729"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10","reference_id":"mfsa2021-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11","reference_id":"mfsa2021-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12","reference_id":"mfsa2021-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23987"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dvbc-un9c-dka7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1347?format=json","vulnerability_id":"VCID-egmy-hc3v-eyen","summary":"Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-17","reference_id":"mfsa2021-17","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29950"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egmy-hc3v-eyen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1355?format=json","vulnerability_id":"VCID-ewjv-u485-dqg9","summary":"If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547"},{"reference_url":"https://security.archlinux.org/ASA-202107-21","reference_id":"ASA-202107-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-21"},{"reference_url":"https://security.archlinux.org/AVG-2152","reference_id":"AVG-2152","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2152"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30","reference_id":"mfsa2021-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29969"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewjv-u485-dqg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1254?format=json","vulnerability_id":"VCID-fhb3-5sbs-s7cq","summary":"When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://security.archlinux.org/ASA-202104-3","reference_id":"ASA-202104-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-3"},{"reference_url":"https://security.archlinux.org/ASA-202104-4","reference_id":"ASA-202104-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-4"},{"reference_url":"https://security.archlinux.org/AVG-1834","reference_id":"AVG-1834","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1834"},{"reference_url":"https://security.archlinux.org/AVG-1836","reference_id":"AVG-1836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1836"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15","reference_id":"mfsa2021-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16","reference_id":"mfsa2021-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23995"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhb3-5sbs-s7cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1268?format=json","vulnerability_id":"VCID-j7v9-pfg1-v3c7","summary":"Mozilla developers Emil Ghitta, Tyson Smith, Valentin Gosu, Olli Pettay, and Randell Jesup reported memory safety bugs present in Firefox 89 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547"},{"reference_url":"https://security.archlinux.org/ASA-202107-20","reference_id":"ASA-202107-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-20"},{"reference_url":"https://security.archlinux.org/ASA-202107-21","reference_id":"ASA-202107-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-21"},{"reference_url":"https://security.archlinux.org/AVG-2148","reference_id":"AVG-2148","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2148"},{"reference_url":"https://security.archlinux.org/AVG-2152","reference_id":"AVG-2152","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2152"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28","reference_id":"mfsa2021-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29","reference_id":"mfsa2021-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30","reference_id":"mfsa2021-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29976"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j7v9-pfg1-v3c7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1320?format=json","vulnerability_id":"VCID-maga-jq3w-1bfk","summary":"Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory safety bugs present in Firefox 88 and Firefox ESR 78.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967"},{"reference_url":"https://security.archlinux.org/ASA-202106-22","reference_id":"ASA-202106-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-22"},{"reference_url":"https://security.archlinux.org/ASA-202106-3","reference_id":"ASA-202106-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-3"},{"reference_url":"https://security.archlinux.org/AVG-2018","reference_id":"AVG-2018","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2018"},{"reference_url":"https://security.archlinux.org/AVG-2035","reference_id":"AVG-2035","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2035"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-23","reference_id":"mfsa2021-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-23"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-24","reference_id":"mfsa2021-24","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-26","reference_id":"mfsa2021-26","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29967"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-maga-jq3w-1bfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1342?format=json","vulnerability_id":"VCID-mnc8-vfr4-s7a2","summary":"A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127"},{"reference_url":"https://security.archlinux.org/AVG-1728","reference_id":"AVG-1728","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1728"},{"reference_url":"https://security.archlinux.org/AVG-1729","reference_id":"AVG-1729","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1729"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10","reference_id":"mfsa2021-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11","reference_id":"mfsa2021-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12","reference_id":"mfsa2021-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23984"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mnc8-vfr4-s7a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1261?format=json","vulnerability_id":"VCID-mv47-mh43-wfg1","summary":"A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug only affected Firefox when accessibility was enabled.*","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547"},{"reference_url":"https://security.archlinux.org/ASA-202107-20","reference_id":"ASA-202107-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-20"},{"reference_url":"https://security.archlinux.org/ASA-202107-21","reference_id":"ASA-202107-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-21"},{"reference_url":"https://security.archlinux.org/AVG-2148","reference_id":"AVG-2148","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2148"},{"reference_url":"https://security.archlinux.org/AVG-2152","reference_id":"AVG-2152","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2152"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28","reference_id":"mfsa2021-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29","reference_id":"mfsa2021-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30","reference_id":"mfsa2021-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29970"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mv47-mh43-wfg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1352?format=json","vulnerability_id":"VCID-myk6-n88n-s7bu","summary":"When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13","reference_id":"mfsa2021-13","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29949"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myk6-n88n-s7bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1272?format=json","vulnerability_id":"VCID-n657-bctg-1few","summary":"Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29984"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n657-bctg-1few"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1258?format=json","vulnerability_id":"VCID-ppcj-1ng5-53hq","summary":"When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://security.archlinux.org/ASA-202104-3","reference_id":"ASA-202104-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-3"},{"reference_url":"https://security.archlinux.org/ASA-202104-4","reference_id":"ASA-202104-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-4"},{"reference_url":"https://security.archlinux.org/AVG-1834","reference_id":"AVG-1834","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1834"},{"reference_url":"https://security.archlinux.org/AVG-1836","reference_id":"AVG-1836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1836"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15","reference_id":"mfsa2021-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16","reference_id":"mfsa2021-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-24002"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppcj-1ng5-53hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1340?format=json","vulnerability_id":"VCID-t42j-3sa7-dbdz","summary":"Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127"},{"reference_url":"https://security.archlinux.org/AVG-1728","reference_id":"AVG-1728","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1728"},{"reference_url":"https://security.archlinux.org/AVG-1729","reference_id":"AVG-1729","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1729"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10","reference_id":"mfsa2021-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11","reference_id":"mfsa2021-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12","reference_id":"mfsa2021-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23982"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t42j-3sa7-dbdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1339?format=json","vulnerability_id":"VCID-uqnd-w9j9-9yh7","summary":"A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4127"},{"reference_url":"https://security.archlinux.org/AVG-1728","reference_id":"AVG-1728","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1728"},{"reference_url":"https://security.archlinux.org/AVG-1729","reference_id":"AVG-1729","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1729"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10","reference_id":"mfsa2021-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11","reference_id":"mfsa2021-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12","reference_id":"mfsa2021-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23981"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqnd-w9j9-9yh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1350?format=json","vulnerability_id":"VCID-uutx-g45d-1khs","summary":"Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13","reference_id":"mfsa2021-13","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23992"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uutx-g45d-1khs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1263?format=json","vulnerability_id":"VCID-w6kt-w2ua-myfm","summary":"An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547"},{"reference_url":"https://security.archlinux.org/ASA-202106-31","reference_id":"ASA-202106-31","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-31"},{"reference_url":"https://security.archlinux.org/ASA-202106-32","reference_id":"ASA-202106-32","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-32"},{"reference_url":"https://security.archlinux.org/ASA-202107-20","reference_id":"ASA-202107-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-20"},{"reference_url":"https://security.archlinux.org/ASA-202107-21","reference_id":"ASA-202107-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-21"},{"reference_url":"https://security.archlinux.org/AVG-2057","reference_id":"AVG-2057","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2057"},{"reference_url":"https://security.archlinux.org/AVG-2058","reference_id":"AVG-2058","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2058"},{"reference_url":"https://security.archlinux.org/AVG-2148","reference_id":"AVG-2148","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2148"},{"reference_url":"https://security.archlinux.org/AVG-2152","reference_id":"AVG-2152","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2152"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28","reference_id":"mfsa2021-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29","reference_id":"mfsa2021-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30","reference_id":"mfsa2021-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-30547"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6kt-w2ua-myfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1271?format=json","vulnerability_id":"VCID-wqye-9ny7-e7a3","summary":"Thunderbird incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29988"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wqye-9ny7-e7a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1330?format=json","vulnerability_id":"VCID-wrq2-8htg-eqd3","summary":"Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38493"},{"reference_url":"https://security.archlinux.org/AVG-2344","reference_id":"AVG-2344","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2344"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-38","reference_id":"mfsa2021-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-38"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-39","reference_id":"mfsa2021-39","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-39"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-42","reference_id":"mfsa2021-42","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-42"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-38493"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrq2-8htg-eqd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1373?format=json","vulnerability_id":"VCID-wt46-dnb6-53g6","summary":"OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-22","reference_id":"mfsa2021-22","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29956"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wt46-dnb6-53g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1349?format=json","vulnerability_id":"VCID-xc8x-cub9-pkcd","summary":"If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice's key with an invalid subkey, Thunderbird might subsequently attempt to use the invalid subkey, and will fail to send encrypted email to Alice.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13","reference_id":"mfsa2021-13","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23991"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xc8x-cub9-pkcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1274?format=json","vulnerability_id":"VCID-yny3-7vjj-kyga","summary":"A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989"},{"reference_url":"https://security.archlinux.org/ASA-202108-14","reference_id":"ASA-202108-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202108-14"},{"reference_url":"https://security.archlinux.org/AVG-2269","reference_id":"AVG-2269","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2269"},{"reference_url":"https://security.archlinux.org/AVG-2270","reference_id":"AVG-2270","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2270"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33","reference_id":"mfsa2021-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34","reference_id":"mfsa2021-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35","reference_id":"mfsa2021-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36","reference_id":"mfsa2021-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-36"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-29985"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yny3-7vjj-kyga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1255?format=json","vulnerability_id":"VCID-zjej-aua1-abbc","summary":"Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://security.archlinux.org/ASA-202104-3","reference_id":"ASA-202104-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-3"},{"reference_url":"https://security.archlinux.org/ASA-202104-4","reference_id":"ASA-202104-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-4"},{"reference_url":"https://security.archlinux.org/AVG-1834","reference_id":"AVG-1834","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1834"},{"reference_url":"https://security.archlinux.org/AVG-1836","reference_id":"AVG-1836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1836"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15","reference_id":"mfsa2021-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16","reference_id":"mfsa2021-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23998"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjej-aua1-abbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1256?format=json","vulnerability_id":"VCID-zuvn-gw4m-47c9","summary":"Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949"},{"reference_url":"https://security.archlinux.org/ASA-202102-1","reference_id":"ASA-202102-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-1"},{"reference_url":"https://security.archlinux.org/ASA-202104-4","reference_id":"ASA-202104-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-4"},{"reference_url":"https://security.archlinux.org/AVG-1492","reference_id":"AVG-1492","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1492"},{"reference_url":"https://security.archlinux.org/AVG-1836","reference_id":"AVG-1836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1836"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-03","reference_id":"mfsa2021-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14","reference_id":"mfsa2021-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15","reference_id":"mfsa2021-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5165?format=json","purl":"pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-1nmu-sdab-2yhh"},{"vulnerability":"VCID-1rhs-t2kk-pyh5"},{"vulnerability":"VCID-25bh-n5g8-w7fz"},{"vulnerability":"VCID-38br-a5x4-ska5"},{"vulnerability":"VCID-3qt5-w1we-67hp"},{"vulnerability":"VCID-3xnh-sesb-bfbv"},{"vulnerability":"VCID-473a-9b6z-bufs"},{"vulnerability":"VCID-49pe-xh4r-uqab"},{"vulnerability":"VCID-4dx9-1499-gqcz"},{"vulnerability":"VCID-4xhj-hee5-9qes"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6k79-gy9s-33h4"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-6mx3-erwd-9fb6"},{"vulnerability":"VCID-6yc1-jutk-1fcz"},{"vulnerability":"VCID-7juy-9d9m-q3ak"},{"vulnerability":"VCID-7s6p-8cx2-bybs"},{"vulnerability":"VCID-8mx3-68nj-wkhc"},{"vulnerability":"VCID-8pg7-szzq-mqc6"},{"vulnerability":"VCID-8sqq-nnpq-pkc2"},{"vulnerability":"VCID-8th2-q8wd-tyec"},{"vulnerability":"VCID-8x8f-1u2g-subu"},{"vulnerability":"VCID-8xck-dpza-gbaj"},{"vulnerability":"VCID-9ecm-dv8p-7ydz"},{"vulnerability":"VCID-9nc3-6nbk-cqgs"},{"vulnerability":"VCID-awaj-87fh-hbfj"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-bnuz-8g1t-ybc2"},{"vulnerability":"VCID-bv8a-p6r5-17cz"},{"vulnerability":"VCID-bvhn-6mnr-vyas"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-cbtq-agxw-57f7"},{"vulnerability":"VCID-ceu2-6hth-pqhp"},{"vulnerability":"VCID-ceyf-44hp-4yas"},{"vulnerability":"VCID-cjrw-f991-e7fr"},{"vulnerability":"VCID-cz8b-p2t3-ebgy"},{"vulnerability":"VCID-d78u-x2t8-vkfg"},{"vulnerability":"VCID-d87g-azms-gqbm"},{"vulnerability":"VCID-dgm8-wwst-kbe2"},{"vulnerability":"VCID-dh5x-c794-tqbw"},{"vulnerability":"VCID-du9t-tmex-akfm"},{"vulnerability":"VCID-et8w-z5dr-ryaz"},{"vulnerability":"VCID-f31y-6u4c-t3a9"},{"vulnerability":"VCID-f9nt-79kq-6kbf"},{"vulnerability":"VCID-fn1d-vq36-mkeu"},{"vulnerability":"VCID-g79j-7c7e-tqgt"},{"vulnerability":"VCID-gphr-qsyj-63gz"},{"vulnerability":"VCID-gtat-vu5d-7qgu"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-h4xg-mvnj-fbd6"},{"vulnerability":"VCID-h7ha-a8cy-xber"},{"vulnerability":"VCID-hg2h-8qks-y3df"},{"vulnerability":"VCID-hgcq-j17a-73g2"},{"vulnerability":"VCID-jf7m-tfa7-rkf1"},{"vulnerability":"VCID-k2j6-9g1f-5fh7"},{"vulnerability":"VCID-kgd7-w1fh-juaq"},{"vulnerability":"VCID-mdqf-k97m-h3hx"},{"vulnerability":"VCID-me5q-nc1u-nudh"},{"vulnerability":"VCID-mu7w-p8w8-hbfr"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-n78y-94vg-6kek"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-nm7b-hwnd-eud6"},{"vulnerability":"VCID-nmh5-vmqu-v7au"},{"vulnerability":"VCID-ntuu-tveg-fbht"},{"vulnerability":"VCID-nwsq-gzra-v3b4"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-ptyd-s7mf-97dt"},{"vulnerability":"VCID-rasy-rzuh-bybu"},{"vulnerability":"VCID-rhs1-h4t5-qfhn"},{"vulnerability":"VCID-s15k-b9am-r7dv"},{"vulnerability":"VCID-s1bx-3697-jqeq"},{"vulnerability":"VCID-stux-gscm-skgj"},{"vulnerability":"VCID-sze6-7w2j-5qgx"},{"vulnerability":"VCID-t6x1-8n3e-13cp"},{"vulnerability":"VCID-u2rj-qhkw-uqgf"},{"vulnerability":"VCID-unnb-hcmb-tqep"},{"vulnerability":"VCID-v22e-ctub-efbx"},{"vulnerability":"VCID-vbwy-936q-27fd"},{"vulnerability":"VCID-vgjr-7typ-j7dm"},{"vulnerability":"VCID-w3cg-uv84-q3g5"},{"vulnerability":"VCID-wfu5-qgs8-13ht"},{"vulnerability":"VCID-xdkv-a1r9-puc9"},{"vulnerability":"VCID-xnm6-t57z-nbde"},{"vulnerability":"VCID-xv8k-7bdk-wffg"},{"vulnerability":"VCID-yfmn-xrkm-dycf"},{"vulnerability":"VCID-ywbj-pvzd-77f5"},{"vulnerability":"VCID-za4p-xx3x-27c4"},{"vulnerability":"VCID-zhwx-775r-t7fy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}],"aliases":["CVE-2021-23961"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zuvn-gw4m-47c9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:78.14.0-1~deb10u1"}