{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","type":"deb","namespace":"debian","name":"firefox","version":"94.0-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"95.0-1","latest_non_vulnerable_version":"150.0.3-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63236?format=json","vulnerability_id":"VCID-2v3a-jr55-ybbj","summary":"The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one that contained an authentication token used to takeover a user account.  If a website tricked a user into copy and pasting the image link back to the page, the page would be able to steal the authentication tokens.  This was fixed by making the action return the original URL, before any redirects.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43532","reference_id":"","reference_type":"","scores":[{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34866","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34742","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34768","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34835","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34853","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.3521","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35254","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.3528","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35283","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35247","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35223","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35262","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35248","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35198","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34964","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34946","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34856","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34728","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.348","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34837","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45267","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45369","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43532"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-43532"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2v3a-jr55-ybbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63235?format=json","vulnerability_id":"VCID-5tg2-vh52-5yhc","summary":"When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked.  If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should have access to.  This was fixed to provide the pre-redirect URL. This is related to CVE-2021-43532 but in the context of Web Extensions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43531","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24639","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24513","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24531","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24611","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24642","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24667","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24735","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24782","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24795","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24754","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24698","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24712","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24704","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24683","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24624","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24613","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24569","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24447","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24523","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24587","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33582","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33913","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33945","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43531"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-43531"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tg2-vh52-5yhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31134?format=json","vulnerability_id":"VCID-b8c2-qrxm-sybt","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38508.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38508","reference_id":"","reference_type":"","scores":[{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56279","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56294","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56284","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56766","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56707","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56646","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56663","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56601","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56647","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56709","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.5666","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56684","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56747","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56762","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56726","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56736","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56734","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.62945","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63004","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00437","scoring_system":"epss","scoring_elements":"0.63033","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63313","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019627","reference_id":"2019627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019627"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4116","reference_id":"RHSA-2021:4116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4123","reference_id":"RHSA-2021:4123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4130","reference_id":"RHSA-2021:4130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4132","reference_id":"RHSA-2021:4132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4133","reference_id":"RHSA-2021:4133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4134","reference_id":"RHSA-2021:4134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4605","reference_id":"RHSA-2021:4605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4607","reference_id":"RHSA-2021:4607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4607"},{"reference_url":"https://usn.ubuntu.com/5131-1/","reference_id":"USN-5131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5131-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-38508"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b8c2-qrxm-sybt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31135?format=json","vulnerability_id":"VCID-b911-qnc2-x3aj","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38509.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38509","reference_id":"","reference_type":"","scores":[{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60742","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60782","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60757","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61279","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61155","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61148","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61096","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61145","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61204","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61166","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61192","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61251","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61266","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61142","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61122","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61163","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61169","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61151","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.6114","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66858","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66896","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00524","scoring_system":"epss","scoring_elements":"0.66922","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67244","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019628","reference_id":"2019628","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019628"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4116","reference_id":"RHSA-2021:4116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4123","reference_id":"RHSA-2021:4123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4130","reference_id":"RHSA-2021:4130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4132","reference_id":"RHSA-2021:4132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4133","reference_id":"RHSA-2021:4133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4134","reference_id":"RHSA-2021:4134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4605","reference_id":"RHSA-2021:4605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4607","reference_id":"RHSA-2021:4607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4607"},{"reference_url":"https://usn.ubuntu.com/5131-1/","reference_id":"USN-5131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5131-1/"},{"reference_url":"https://usn.ubuntu.com/5152-1/","reference_id":"USN-5152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5152-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-38509"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b911-qnc2-x3aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31131?format=json","vulnerability_id":"VCID-c51s-yenc-4yab","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38504.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38504","reference_id":"","reference_type":"","scores":[{"value":"0.00805","scoring_system":"epss","scoring_elements":"0.74085","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00805","scoring_system":"epss","scoring_elements":"0.74117","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00805","scoring_system":"epss","scoring_elements":"0.74091","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79923","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79788","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79794","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79809","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79823","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79849","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79864","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.7986","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79876","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79914","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.7992","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79731","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79725","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79754","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79755","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79758","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01711","scoring_system":"epss","scoring_elements":"0.82324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01711","scoring_system":"epss","scoring_elements":"0.82351","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01711","scoring_system":"epss","scoring_elements":"0.82332","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01711","scoring_system":"epss","scoring_elements":"0.82297","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019622","reference_id":"2019622","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019622"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4116","reference_id":"RHSA-2021:4116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4123","reference_id":"RHSA-2021:4123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4130","reference_id":"RHSA-2021:4130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4132","reference_id":"RHSA-2021:4132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4133","reference_id":"RHSA-2021:4133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4134","reference_id":"RHSA-2021:4134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4605","reference_id":"RHSA-2021:4605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4607","reference_id":"RHSA-2021:4607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4607"},{"reference_url":"https://usn.ubuntu.com/5131-1/","reference_id":"USN-5131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5131-1/"},{"reference_url":"https://usn.ubuntu.com/5152-1/","reference_id":"USN-5152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5152-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-38504"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c51s-yenc-4yab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31130?format=json","vulnerability_id":"VCID-ddem-1dt1-uff7","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38503.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38503","reference_id":"","reference_type":"","scores":[{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.78042","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77886","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77895","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77909","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.7792","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.7795","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77967","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77958","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77977","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.78022","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.78035","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.7781","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77815","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77841","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77826","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77861","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.7786","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01079","scoring_system":"epss","scoring_elements":"0.77854","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01405","scoring_system":"epss","scoring_elements":"0.8042","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01405","scoring_system":"epss","scoring_elements":"0.80404","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01405","scoring_system":"epss","scoring_elements":"0.8041","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01405","scoring_system":"epss","scoring_elements":"0.80431","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019621","reference_id":"2019621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019621"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4116","reference_id":"RHSA-2021:4116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4123","reference_id":"RHSA-2021:4123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4130","reference_id":"RHSA-2021:4130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4132","reference_id":"RHSA-2021:4132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4133","reference_id":"RHSA-2021:4133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4134","reference_id":"RHSA-2021:4134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4605","reference_id":"RHSA-2021:4605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4607","reference_id":"RHSA-2021:4607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4607"},{"reference_url":"https://usn.ubuntu.com/5131-1/","reference_id":"USN-5131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5131-1/"},{"reference_url":"https://usn.ubuntu.com/5152-1/","reference_id":"USN-5152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5152-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-38503"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ddem-1dt1-uff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63234?format=json","vulnerability_id":"VCID-j2qz-wqhk-yfb6","summary":"A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code.*This bug only affects Firefox for Android. Other operating systems are unaffected.*","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43530","reference_id":"","reference_type":"","scores":[{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90828","published_at":"2026-05-16T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90803","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90801","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90811","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90823","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90723","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90728","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90738","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90737","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90734","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90753","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90751","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90749","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90755","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90773","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06043","scoring_system":"epss","scoring_elements":"0.90791","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07071","scoring_system":"epss","scoring_elements":"0.91468","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07071","scoring_system":"epss","scoring_elements":"0.91475","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07071","scoring_system":"epss","scoring_elements":"0.91481","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43530"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-43530"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2qz-wqhk-yfb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31133?format=json","vulnerability_id":"VCID-jy6e-d578-nkcg","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38507.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38507","reference_id":"","reference_type":"","scores":[{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64007","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64093","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64065","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67438","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67292","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67303","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67304","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67277","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67317","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67355","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67328","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67352","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67413","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67425","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67281","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67246","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67293","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67272","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67544","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67581","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67559","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67492","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019625","reference_id":"2019625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019625"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4116","reference_id":"RHSA-2021:4116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4123","reference_id":"RHSA-2021:4123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4130","reference_id":"RHSA-2021:4130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4132","reference_id":"RHSA-2021:4132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4133","reference_id":"RHSA-2021:4133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4134","reference_id":"RHSA-2021:4134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4605","reference_id":"RHSA-2021:4605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4607","reference_id":"RHSA-2021:4607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4607"},{"reference_url":"https://usn.ubuntu.com/5131-1/","reference_id":"USN-5131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5131-1/"},{"reference_url":"https://usn.ubuntu.com/5152-1/","reference_id":"USN-5152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5152-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-38507"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jy6e-d578-nkcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63201?format=json","vulnerability_id":"VCID-k4e4-363e-xyff","summary":"Mozilla developers and community members Christian Holler, Valentin Gosu, and Andrew McCreight reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43534.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43534.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43534","reference_id":"","reference_type":"","scores":[{"value":"0.00754","scoring_system":"epss","scoring_elements":"0.73172","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00754","scoring_system":"epss","scoring_elements":"0.73202","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00754","scoring_system":"epss","scoring_elements":"0.73182","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.79055","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78946","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78968","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78982","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78979","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78996","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.79035","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.79048","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78864","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78854","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78883","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.7888","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78877","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78906","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.78913","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01193","scoring_system":"epss","scoring_elements":"0.7893","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0163","scoring_system":"epss","scoring_elements":"0.81874","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0163","scoring_system":"epss","scoring_elements":"0.81847","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0163","scoring_system":"epss","scoring_elements":"0.8188","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0163","scoring_system":"epss","scoring_elements":"0.819","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019630","reference_id":"2019630","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019630"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4116","reference_id":"RHSA-2021:4116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4123","reference_id":"RHSA-2021:4123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4130","reference_id":"RHSA-2021:4130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4132","reference_id":"RHSA-2021:4132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4133","reference_id":"RHSA-2021:4133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4134","reference_id":"RHSA-2021:4134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4605","reference_id":"RHSA-2021:4605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4607","reference_id":"RHSA-2021:4607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4607"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-43534"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4e4-363e-xyff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31132?format=json","vulnerability_id":"VCID-n4kc-y37w-qkdk","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38506.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38506","reference_id":"","reference_type":"","scores":[{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52992","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52943","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52968","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73599","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73634","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73647","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.7367","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75384","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.753","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75325","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75306","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75314","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.7537","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75374","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75197","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75222","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75228","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75219","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75256","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75259","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75263","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75272","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019624","reference_id":"2019624","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019624"},{"reference_url":"https://security.archlinux.org/ASA-202111-2","reference_id":"ASA-202111-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-2"},{"reference_url":"https://security.archlinux.org/ASA-202111-3","reference_id":"ASA-202111-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202111-3"},{"reference_url":"https://security.archlinux.org/AVG-2511","reference_id":"AVG-2511","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2511"},{"reference_url":"https://security.archlinux.org/AVG-2518","reference_id":"AVG-2518","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2518"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://security.gentoo.org/glsa/202208-14","reference_id":"GLSA-202208-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4116","reference_id":"RHSA-2021:4116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4123","reference_id":"RHSA-2021:4123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4130","reference_id":"RHSA-2021:4130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4132","reference_id":"RHSA-2021:4132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4133","reference_id":"RHSA-2021:4133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4134","reference_id":"RHSA-2021:4134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4605","reference_id":"RHSA-2021:4605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4607","reference_id":"RHSA-2021:4607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4607"},{"reference_url":"https://usn.ubuntu.com/5131-1/","reference_id":"USN-5131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5131-1/"},{"reference_url":"https://usn.ubuntu.com/5152-1/","reference_id":"USN-5152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5152-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-38506"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n4kc-y37w-qkdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63237?format=json","vulnerability_id":"VCID-z29z-sf3c-3ubb","summary":"When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43533","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40082","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.39956","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.39978","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40043","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40055","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40319","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.4037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40382","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40393","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40356","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40336","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40352","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40276","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40197","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40184","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40103","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.39966","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40035","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40049","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51707","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51756","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51782","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43533"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584097?format=json","purl":"pkg:deb/debian/firefox@94.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2021-43533"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z29z-sf3c-3ubb"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@94.0-1%3Fdistro=sid"}