Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:mozilla/Thunderbird@102.5.1
Typemozilla
Namespace
NameThunderbird
Version102.5.1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version102.6.0
Latest_non_vulnerable_version150.0.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-x4b1-wug7-wuex
vulnerability_id VCID-x4b1-wug7-wuex
summary If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targeting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45414.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45414.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45414
reference_id
reference_type
scores
0
value 0.00279
scoring_system epss
scoring_elements 0.51222
published_at 2026-05-07T12:55:00Z
1
value 0.00279
scoring_system epss
scoring_elements 0.51324
published_at 2026-04-16T12:55:00Z
2
value 0.00279
scoring_system epss
scoring_elements 0.51332
published_at 2026-04-18T12:55:00Z
3
value 0.00279
scoring_system epss
scoring_elements 0.5131
published_at 2026-04-21T12:55:00Z
4
value 0.00279
scoring_system epss
scoring_elements 0.51258
published_at 2026-04-24T12:55:00Z
5
value 0.00279
scoring_system epss
scoring_elements 0.51229
published_at 2026-04-29T12:55:00Z
6
value 0.00279
scoring_system epss
scoring_elements 0.51171
published_at 2026-05-05T12:55:00Z
7
value 0.00279
scoring_system epss
scoring_elements 0.51239
published_at 2026-04-02T12:55:00Z
8
value 0.00279
scoring_system epss
scoring_elements 0.51265
published_at 2026-05-09T12:55:00Z
9
value 0.00279
scoring_system epss
scoring_elements 0.51223
published_at 2026-04-07T12:55:00Z
10
value 0.00279
scoring_system epss
scoring_elements 0.51279
published_at 2026-04-08T12:55:00Z
11
value 0.00279
scoring_system epss
scoring_elements 0.51275
published_at 2026-04-09T12:55:00Z
12
value 0.00279
scoring_system epss
scoring_elements 0.51319
published_at 2026-04-11T12:55:00Z
13
value 0.00279
scoring_system epss
scoring_elements 0.51298
published_at 2026-04-12T12:55:00Z
14
value 0.00279
scoring_system epss
scoring_elements 0.51284
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45414
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45414
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46872
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46872
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46874
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46874
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46878
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46878
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46880
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46880
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46881
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46881
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46882
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46882
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2149868
reference_id 2149868
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2149868
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-50
reference_id mfsa2022-50
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-50
12
reference_url https://www.mozilla.org/security/advisories/mfsa2022-50/
reference_id mfsa2022-50
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:54:57Z/
url https://www.mozilla.org/security/advisories/mfsa2022-50/
13
reference_url https://access.redhat.com/errata/RHSA-2022:9074
reference_id RHSA-2022:9074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9074
14
reference_url https://access.redhat.com/errata/RHSA-2022:9075
reference_id RHSA-2022:9075
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9075
15
reference_url https://access.redhat.com/errata/RHSA-2022:9076
reference_id RHSA-2022:9076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9076
16
reference_url https://access.redhat.com/errata/RHSA-2022:9077
reference_id RHSA-2022:9077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9077
17
reference_url https://access.redhat.com/errata/RHSA-2022:9078
reference_id RHSA-2022:9078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9078
18
reference_url https://access.redhat.com/errata/RHSA-2022:9079
reference_id RHSA-2022:9079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9079
19
reference_url https://access.redhat.com/errata/RHSA-2022:9080
reference_id RHSA-2022:9080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9080
20
reference_url https://access.redhat.com/errata/RHSA-2022:9081
reference_id RHSA-2022:9081
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9081
21
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1788096
reference_id show_bug.cgi?id=1788096
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:54:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1788096
22
reference_url https://usn.ubuntu.com/5824-1/
reference_id USN-5824-1
reference_type
scores
url https://usn.ubuntu.com/5824-1/
fixed_packages
0
url pkg:mozilla/Thunderbird@102.5.1
purl pkg:mozilla/Thunderbird@102.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@102.5.1
aliases CVE-2022-45414
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4b1-wug7-wuex
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@102.5.1