{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","type":"deb","namespace":"debian","name":"thunderbird","version":"1:115.6.0-1~deb11u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:115.6.0-1~deb12u1","latest_non_vulnerable_version":"1:140.10.0esr-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51437?format=json","vulnerability_id":"VCID-5qf5-d44c-t7gu","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6862.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6862","reference_id":"","reference_type":"","scores":[{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.5868","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58615","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58675","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58643","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58663","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58682","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58664","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58658","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58636","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58606","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.63295","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.63264","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.63283","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.63297","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255368","reference_id":"2255368","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255368"},{"reference_url":"https://www.debian.org/security/2023/dsa-5581","reference_id":"dsa-5581","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/"}],"url":"https://www.debian.org/security/2023/dsa-5581"},{"reference_url":"https://www.debian.org/security/2023/dsa-5582","reference_id":"dsa-5582","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/"}],"url":"https://www.debian.org/security/2023/dsa-5582"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-54/","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-54/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-55/","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-55/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0011","reference_id":"RHSA-2024:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0012","reference_id":"RHSA-2024:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0019","reference_id":"RHSA-2024:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0021","reference_id":"RHSA-2024:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0022","reference_id":"RHSA-2024:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0023","reference_id":"RHSA-2024:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0024","reference_id":"RHSA-2024:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0025","reference_id":"RHSA-2024:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0026","reference_id":"RHSA-2024:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1868042","reference_id":"show_bug.cgi?id=1868042","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1868042"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6862"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qf5-d44c-t7gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51434?format=json","vulnerability_id":"VCID-9z3s-qfbc-vbdc","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6859.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6859","reference_id":"","reference_type":"","scores":[{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59159","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00414","scoring_system":"epss","scoring_elements":"0.6157","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00414","scoring_system":"epss","scoring_elements":"0.61565","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63656","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63608","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63645","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63654","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63641","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63583","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63609","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63573","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63625","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255364","reference_id":"2255364","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255364"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56","reference_id":"mfsa2023-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0011","reference_id":"RHSA-2024:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0012","reference_id":"RHSA-2024:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0019","reference_id":"RHSA-2024:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0021","reference_id":"RHSA-2024:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0022","reference_id":"RHSA-2024:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0023","reference_id":"RHSA-2024:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0024","reference_id":"RHSA-2024:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0025","reference_id":"RHSA-2024:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0026","reference_id":"RHSA-2024:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://usn.ubuntu.com/6562-1/","reference_id":"USN-6562-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6562-1/"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6859"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9z3s-qfbc-vbdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51435?format=json","vulnerability_id":"VCID-bw96-5g6y-j3c4","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6860.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6860.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6860","reference_id":"","reference_type":"","scores":[{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62881","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63638","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63657","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64619","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64653","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.6464","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64612","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64648","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64659","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64636","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64584","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64613","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64571","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255365","reference_id":"2255365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255365"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56","reference_id":"mfsa2023-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0011","reference_id":"RHSA-2024:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0012","reference_id":"RHSA-2024:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0019","reference_id":"RHSA-2024:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0021","reference_id":"RHSA-2024:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0022","reference_id":"RHSA-2024:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0023","reference_id":"RHSA-2024:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0024","reference_id":"RHSA-2024:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0025","reference_id":"RHSA-2024:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0026","reference_id":"RHSA-2024:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://usn.ubuntu.com/6562-1/","reference_id":"USN-6562-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6562-1/"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6860"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bw96-5g6y-j3c4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51446?format=json","vulnerability_id":"VCID-j45f-m9q5-vfah","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50762.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50762.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50762","reference_id":"","reference_type":"","scores":[{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40137","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40163","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40085","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.4015","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40161","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40123","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40104","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40124","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40154","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52237","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52318","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52266","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52273","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255379","reference_id":"2255379","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255379"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-50762"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j45f-m9q5-vfah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51432?format=json","vulnerability_id":"VCID-kskc-agaw-8bcr","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6857","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40745","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40775","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40755","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40783","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40707","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40757","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40764","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.4073","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40749","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45367","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45504","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45418","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45428","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255362","reference_id":"2255362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255362"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56","reference_id":"mfsa2023-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0011","reference_id":"RHSA-2024:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0012","reference_id":"RHSA-2024:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0019","reference_id":"RHSA-2024:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0021","reference_id":"RHSA-2024:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0022","reference_id":"RHSA-2024:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0023","reference_id":"RHSA-2024:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0024","reference_id":"RHSA-2024:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0025","reference_id":"RHSA-2024:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0026","reference_id":"RHSA-2024:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://usn.ubuntu.com/6562-1/","reference_id":"USN-6562-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6562-1/"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6857"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kskc-agaw-8bcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51445?format=json","vulnerability_id":"VCID-nq6f-ezcx-mfas","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50761.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50761","reference_id":"","reference_type":"","scores":[{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40137","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40163","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40085","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.4015","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40161","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40123","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40104","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40124","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40154","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52237","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52318","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52266","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52273","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255378","reference_id":"2255378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255378"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-50761"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nq6f-ezcx-mfas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51439?format=json","vulnerability_id":"VCID-pepm-1t68-uuf1","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6864.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6864.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6864","reference_id":"","reference_type":"","scores":[{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65731","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65732","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65721","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.65706","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69208","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.6918","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69219","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69228","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69223","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.6913","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69151","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69132","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69182","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255370","reference_id":"2255370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255370"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56","reference_id":"mfsa2023-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0011","reference_id":"RHSA-2024:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0012","reference_id":"RHSA-2024:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0019","reference_id":"RHSA-2024:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0021","reference_id":"RHSA-2024:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0022","reference_id":"RHSA-2024:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0023","reference_id":"RHSA-2024:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0024","reference_id":"RHSA-2024:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0025","reference_id":"RHSA-2024:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0026","reference_id":"RHSA-2024:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://usn.ubuntu.com/6562-1/","reference_id":"USN-6562-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6562-1/"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6864"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pepm-1t68-uuf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51431?format=json","vulnerability_id":"VCID-qdqj-rhcr-wbca","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6856.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6856.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6856","reference_id":"","reference_type":"","scores":[{"value":"0.10471","scoring_system":"epss","scoring_elements":"0.93273","published_at":"2026-04-24T12:55:00Z"},{"value":"0.10471","scoring_system":"epss","scoring_elements":"0.9327","published_at":"2026-04-26T12:55:00Z"},{"value":"0.10471","scoring_system":"epss","scoring_elements":"0.93266","published_at":"2026-04-29T12:55:00Z"},{"value":"0.10471","scoring_system":"epss","scoring_elements":"0.93268","published_at":"2026-04-21T12:55:00Z"},{"value":"0.10986","scoring_system":"epss","scoring_elements":"0.93422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10986","scoring_system":"epss","scoring_elements":"0.93441","published_at":"2026-04-16T12:55:00Z"},{"value":"0.10986","scoring_system":"epss","scoring_elements":"0.93446","published_at":"2026-04-18T12:55:00Z"},{"value":"0.10986","scoring_system":"epss","scoring_elements":"0.93421","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10986","scoring_system":"epss","scoring_elements":"0.93397","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10986","scoring_system":"epss","scoring_elements":"0.93405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10986","scoring_system":"epss","scoring_elements":"0.93413","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10986","scoring_system":"epss","scoring_elements":"0.93416","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255360","reference_id":"2255360","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255360"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56","reference_id":"mfsa2023-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0011","reference_id":"RHSA-2024:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0012","reference_id":"RHSA-2024:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0019","reference_id":"RHSA-2024:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0021","reference_id":"RHSA-2024:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0022","reference_id":"RHSA-2024:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0023","reference_id":"RHSA-2024:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0024","reference_id":"RHSA-2024:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0025","reference_id":"RHSA-2024:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0026","reference_id":"RHSA-2024:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://usn.ubuntu.com/6562-1/","reference_id":"USN-6562-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6562-1/"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6856"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qdqj-rhcr-wbca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51433?format=json","vulnerability_id":"VCID-tps4-kxe2-5ugb","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6858.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6858.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6858","reference_id":"","reference_type":"","scores":[{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61774","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61769","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.6178","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61764","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63708","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63723","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.6376","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63748","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63788","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63778","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63742","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63776","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63791","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.63777","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255363","reference_id":"2255363","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255363"},{"reference_url":"https://www.debian.org/security/2023/dsa-5581","reference_id":"dsa-5581","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/"}],"url":"https://www.debian.org/security/2023/dsa-5581"},{"reference_url":"https://www.debian.org/security/2023/dsa-5582","reference_id":"dsa-5582","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/"}],"url":"https://www.debian.org/security/2023/dsa-5582"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-54/","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-54/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-55/","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-55/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56","reference_id":"mfsa2023-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-56/","reference_id":"mfsa2023-56","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-56/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0011","reference_id":"RHSA-2024:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0012","reference_id":"RHSA-2024:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0019","reference_id":"RHSA-2024:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0021","reference_id":"RHSA-2024:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0022","reference_id":"RHSA-2024:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0023","reference_id":"RHSA-2024:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0024","reference_id":"RHSA-2024:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0025","reference_id":"RHSA-2024:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0026","reference_id":"RHSA-2024:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1826791","reference_id":"show_bug.cgi?id=1826791","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1826791"},{"reference_url":"https://usn.ubuntu.com/6562-1/","reference_id":"USN-6562-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6562-1/"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6858"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tps4-kxe2-5ugb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51436?format=json","vulnerability_id":"VCID-zhu4-sy56-1yea","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6861.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6861.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6861","reference_id":"","reference_type":"","scores":[{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.6171","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.61704","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.61609","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.61639","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.61658","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.61672","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.61694","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.61663","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.61682","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00499","scoring_system":"epss","scoring_elements":"0.66004","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00499","scoring_system":"epss","scoring_elements":"0.65975","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00499","scoring_system":"epss","scoring_elements":"0.65995","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00499","scoring_system":"epss","scoring_elements":"0.66006","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255367","reference_id":"2255367","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255367"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54","reference_id":"mfsa2023-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-54"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55","reference_id":"mfsa2023-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-55"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56","reference_id":"mfsa2023-56","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-56"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0001","reference_id":"RHSA-2024:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0002","reference_id":"RHSA-2024:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0003","reference_id":"RHSA-2024:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0004","reference_id":"RHSA-2024:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0005","reference_id":"RHSA-2024:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0011","reference_id":"RHSA-2024:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0012","reference_id":"RHSA-2024:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0019","reference_id":"RHSA-2024:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0021","reference_id":"RHSA-2024:0021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0022","reference_id":"RHSA-2024:0022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0023","reference_id":"RHSA-2024:0023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0024","reference_id":"RHSA-2024:0024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0025","reference_id":"RHSA-2024:0025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0026","reference_id":"RHSA-2024:0026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0027","reference_id":"RHSA-2024:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0028","reference_id":"RHSA-2024:0028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0029","reference_id":"RHSA-2024:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0030","reference_id":"RHSA-2024:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0030"},{"reference_url":"https://usn.ubuntu.com/6562-1/","reference_id":"USN-6562-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6562-1/"},{"reference_url":"https://usn.ubuntu.com/6563-1/","reference_id":"USN-6563-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6563-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940924?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940923?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940925?format=json","purl":"pkg:deb/debian/thunderbird@1:115.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940802?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940800?format=json","purl":"pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940804?format=json","purl":"pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940803?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dw5-vpt8-zqbz"},{"vulnerability":"VCID-9ag7-z86d-nba9"},{"vulnerability":"VCID-qbzp-euvv-q7c7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067638?format=json","purl":"pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fqb-r5zb-a7dp"},{"vulnerability":"VCID-3kv6-c148-nkhq"},{"vulnerability":"VCID-59d3-343b-e3aw"},{"vulnerability":"VCID-61r1-arbe-dke4"},{"vulnerability":"VCID-7jt2-zr49-7ye5"},{"vulnerability":"VCID-95et-ezmb-buau"},{"vulnerability":"VCID-9nbw-7c9e-13af"},{"vulnerability":"VCID-av7u-3g4m-mugm"},{"vulnerability":"VCID-bwth-uepr-z7a3"},{"vulnerability":"VCID-cjsm-7gxr-8ygw"},{"vulnerability":"VCID-d16s-p141-qbft"},{"vulnerability":"VCID-fxjm-ywug-f3d5"},{"vulnerability":"VCID-hk2m-rbdy-nqhc"},{"vulnerability":"VCID-ma29-qa7e-9qb4"},{"vulnerability":"VCID-nge1-4cvg-zqb2"},{"vulnerability":"VCID-nyum-jpbc-abew"},{"vulnerability":"VCID-p6yz-xs58-u3gm"},{"vulnerability":"VCID-pfmd-zv8f-8bfc"},{"vulnerability":"VCID-q689-wneh-hbdq"},{"vulnerability":"VCID-q8qp-5szp-mfe8"},{"vulnerability":"VCID-ruqn-mk9t-57hb"},{"vulnerability":"VCID-tv7r-qf2c-dqbm"},{"vulnerability":"VCID-w98r-yagc-kkec"},{"vulnerability":"VCID-z6tm-b352-5uhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1077499?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6861"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhu4-sy56-1yea"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.6.0-1~deb11u1%3Fdistro=trixie"}