{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1374?format=json","vulnerability_id":"VCID-6drt-9b2u-m3hh","summary":"Thunderbird unexpectedly enabled JavaScript in the composition area.\nThe JavaScript execution context was limited to this area and did not\nreceive chrome-level privileges, but could be used as a stepping stone\nto further an attack with other vulnerabilities.","aliases":[{"alias":"CVE-2021-43528"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2145?format=json","purl":"pkg:alpm/archlinux/thunderbird@91.4.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@91.4.0-1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2144?format=json","purl":"pkg:alpm/archlinux/thunderbird@91.3.2-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bt3-9xbp-3ugu"},{"vulnerability":"VCID-6drt-9b2u-m3hh"},{"vulnerability":"VCID-6krg-whdf-sbfp"},{"vulnerability":"VCID-b4nd-9kkf-guhe"},{"vulnerability":"VCID-c8kq-mxnk-rugf"},{"vulnerability":"VCID-gu45-bq8y-wude"},{"vulnerability":"VCID-mua8-1ggh-r7dr"},{"vulnerability":"VCID-ncap-puz5-x7hj"},{"vulnerability":"VCID-pbb1-awzh-1ub2"},{"vulnerability":"VCID-xdkv-a1r9-puc9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@91.3.2-2"}],"references":[{"reference_url":"https://security.archlinux.org/ASA-202112-9","reference_id":"ASA-202112-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202112-9"},{"reference_url":"https://security.archlinux.org/AVG-2608","reference_id":"AVG-2608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2608"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54","reference_id":"mfsa2021-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-54"}],"weaknesses":[],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6drt-9b2u-m3hh"}