Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:alpm/archlinux/thunderbird@52.7.0-2

Type alpm

Namespace archlinux

Name thunderbird

Version 52.7.0-2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 60.0-1

Latest_non_vulnerable_version 91.10-1

Affected_by_vulnerabilities

url VCID-7ksf-b6g3-ukcc

vulnerability_id VCID-7ksf-b6g3-ukcc

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:1414
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1414

reference_url	https://access.redhat.com/errata/RHSA-2018:1415
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1415

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5155.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5155.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5155

reference_id

reference_type

scores

value	0.02921
scoring_system	epss
scoring_elements	0.86409
published_at	2026-04-21T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86359
published_at	2026-04-07T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86378
published_at	2026-04-08T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86388
published_at	2026-04-09T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86401
published_at	2026-04-11T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.864
published_at	2026-04-12T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86394
published_at	2026-04-13T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86411
published_at	2026-04-16T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86416
published_at	2026-04-18T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86329
published_at	2026-04-01T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.8634
published_at	2026-04-02T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86358
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5155

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1448774
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1448774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://security.gentoo.org/glsa/201810-01
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201810-01

reference_url	https://www.debian.org/security/2018/dsa-4199
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4199

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-11/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-11/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-12/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-12/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104136
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104136

reference_url	http://www.securitytracker.com/id/1040896
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040896

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1576257
reference_id	1576257
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1576257

reference_url	https://security.archlinux.org/ASA-201805-10
reference_id	ASA-201805-10
reference_type
scores
url	https://security.archlinux.org/ASA-201805-10

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-693

reference_id

AVG-693

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-693

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5155

reference_id

CVE-2018-5155

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5155

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_id

mfsa2018-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_id

mfsa2018-12

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3645-1/
reference_id	USN-3645-1
reference_type
scores
url	https://usn.ubuntu.com/3645-1/

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5155

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ksf-b6g3-ukcc

url VCID-bc3c-kxdw-afh1

vulnerability_id VCID-bc3c-kxdw-afh1

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5185.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5185.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5185

reference_id

reference_type

scores

value	0.00329
scoring_system	epss
scoring_elements	0.55805
published_at	2026-04-01T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55955
published_at	2026-04-21T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.5596
published_at	2026-04-12T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55942
published_at	2026-04-13T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55978
published_at	2026-04-16T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55981
published_at	2026-04-18T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55917
published_at	2026-04-07T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55939
published_at	2026-04-04T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55967
published_at	2026-04-08T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.5597
published_at	2026-04-09T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.5598
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5185

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1450345
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1450345

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104240
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104240

reference_url	http://www.securitytracker.com/id/1040946
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040946

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1580241
reference_id	1580241
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1580241

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5185

reference_id

CVE-2018-5185

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5185

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5185

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bc3c-kxdw-afh1

url VCID-d4bx-x9pb-8kfx

vulnerability_id VCID-d4bx-x9pb-8kfx

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:1414
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1414

reference_url	https://access.redhat.com/errata/RHSA-2018:1415
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1415

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5150.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5150.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5150

reference_id

reference_type

scores

value	0.03916
scoring_system	epss
scoring_elements	0.88312
published_at	2026-04-21T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88315
published_at	2026-04-16T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88246
published_at	2026-04-01T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88302
published_at	2026-04-13T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.8831
published_at	2026-04-11T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.883
published_at	2026-04-09T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88294
published_at	2026-04-08T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88274
published_at	2026-04-07T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88269
published_at	2026-04-04T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88254
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5150

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1388020%2C1433609%2C1409440%2C1448705%2C1451376%2C1452202%2C1444668%2C1393367%2C1411415%2C1426129
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1388020%2C1433609%2C1409440%2C1448705%2C1451376%2C1452202%2C1444668%2C1393367%2C1411415%2C1426129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://security.gentoo.org/glsa/201810-01
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201810-01

reference_url	https://www.debian.org/security/2018/dsa-4199
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4199

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-11/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-11/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-12/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-12/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104136
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104136

reference_url	http://www.securitytracker.com/id/1040896
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040896

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1576250
reference_id	1576250
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1576250

reference_url	https://security.archlinux.org/ASA-201805-10
reference_id	ASA-201805-10
reference_type
scores
url	https://security.archlinux.org/ASA-201805-10

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-693

reference_id

AVG-693

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-693

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5150

reference_id

CVE-2018-5150

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5150

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_id

mfsa2018-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_id

mfsa2018-12

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3645-1/
reference_id	USN-3645-1
reference_type
scores
url	https://usn.ubuntu.com/3645-1/

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

reference_url	https://usn.ubuntu.com/3688-1/
reference_id	USN-3688-1
reference_type
scores
url	https://usn.ubuntu.com/3688-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5150

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4bx-x9pb-8kfx

url VCID-ewqm-puf8-hkbv

vulnerability_id VCID-ewqm-puf8-hkbv

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:1414
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1414

reference_url	https://access.redhat.com/errata/RHSA-2018:1415
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1415

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5168.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5168.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5168

reference_id

reference_type

scores

value	0.01032
scoring_system	epss
scoring_elements	0.7737
published_at	2026-04-21T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77327
published_at	2026-04-08T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77336
published_at	2026-04-09T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77363
published_at	2026-04-11T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77343
published_at	2026-04-12T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77339
published_at	2026-04-13T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77379
published_at	2026-04-16T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77378
published_at	2026-04-18T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77281
published_at	2026-04-01T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77287
published_at	2026-04-02T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77315
published_at	2026-04-04T12:55:00Z

value	0.01032
scoring_system	epss
scoring_elements	0.77297
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5168

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1449548
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1449548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://security.gentoo.org/glsa/201810-01
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201810-01

reference_url	https://www.debian.org/security/2018/dsa-4199
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4199

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-11/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-11/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-12/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-12/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104136
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104136

reference_url	http://www.securitytracker.com/id/1040896
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040896

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1576269
reference_id	1576269
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1576269

reference_url	https://security.archlinux.org/ASA-201805-10
reference_id	ASA-201805-10
reference_type
scores
url	https://security.archlinux.org/ASA-201805-10

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-693

reference_id

AVG-693

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-693

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5168

reference_id

CVE-2018-5168

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5168

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_id

mfsa2018-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_id

mfsa2018-12

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3645-1/
reference_id	USN-3645-1
reference_type
scores
url	https://usn.ubuntu.com/3645-1/

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5168

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewqm-puf8-hkbv

url VCID-ez2n-6egs-wqge

vulnerability_id VCID-ez2n-6egs-wqge

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5170.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5170.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5170

reference_id

reference_type

scores

value	0.00881
scoring_system	epss
scoring_elements	0.7532
published_at	2026-04-01T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75412
published_at	2026-04-21T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75385
published_at	2026-04-12T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75374
published_at	2026-04-13T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75415
published_at	2026-04-16T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75422
published_at	2026-04-18T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75323
published_at	2026-04-02T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75355
published_at	2026-04-04T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75333
published_at	2026-04-07T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75377
published_at	2026-04-08T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75387
published_at	2026-04-09T12:55:00Z

value	0.00881
scoring_system	epss
scoring_elements	0.75407
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5170

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1411732
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1411732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securitytracker.com/id/1040946
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040946

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1580240
reference_id	1580240
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1580240

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5170

reference_id

CVE-2018-5170

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5170

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5170

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ez2n-6egs-wqge

url VCID-jtrv-jyme-sybh

vulnerability_id VCID-jtrv-jyme-sybh

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:1414
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1414

reference_url	https://access.redhat.com/errata/RHSA-2018:1415
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1415

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

reference_id

reference_type

scores

value	0.37556
scoring_system	epss
scoring_elements	0.97206
published_at	2026-04-21T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97177
published_at	2026-04-07T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97187
published_at	2026-04-08T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97188
published_at	2026-04-09T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97192
published_at	2026-04-11T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97193
published_at	2026-04-13T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97201
published_at	2026-04-16T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97203
published_at	2026-04-18T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97164
published_at	2026-04-01T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.9717
published_at	2026-04-02T12:55:00Z

value	0.37556
scoring_system	epss
scoring_elements	0.97176
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1441941
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1441941

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://security.gentoo.org/glsa/201810-01
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201810-01

reference_url	https://www.debian.org/security/2018/dsa-4199
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4199

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.exploit-db.com/exploits/44759/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/44759/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-11/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-11/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-12/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-12/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104136
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104136

reference_url	http://www.securitytracker.com/id/1040896
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040896

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1576260
reference_id	1576260
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1576260

reference_url	https://security.archlinux.org/ASA-201805-10
reference_id	ASA-201805-10
reference_type
scores
url	https://security.archlinux.org/ASA-201805-10

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-693

reference_id

AVG-693

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-693

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1541
reference_id	CVE-2018-5159
reference_type	exploit
scores
url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1541

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/44759.html
reference_id	CVE-2018-5159
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/44759.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5159

reference_id

CVE-2018-5159

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5159

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_id

mfsa2018-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_id

mfsa2018-12

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3645-1/
reference_id	USN-3645-1
reference_type
scores
url	https://usn.ubuntu.com/3645-1/

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5159

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtrv-jyme-sybh

url VCID-mbvn-dx8r-ubfe

vulnerability_id VCID-mbvn-dx8r-ubfe

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5161.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5161.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5161

reference_id

reference_type

scores

value	0.00925
scoring_system	epss
scoring_elements	0.75962
published_at	2026-04-01T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.76049
published_at	2026-04-21T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.76026
published_at	2026-04-12T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.76021
published_at	2026-04-13T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.76062
published_at	2026-04-16T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.76065
published_at	2026-04-18T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.75966
published_at	2026-04-02T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.75998
published_at	2026-04-04T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.75977
published_at	2026-04-07T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.7601
published_at	2026-04-08T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.76025
published_at	2026-04-09T12:55:00Z

value	0.00925
scoring_system	epss
scoring_elements	0.7605
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5161

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1411720
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1411720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securitytracker.com/id/1040946
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040946

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1580237
reference_id	1580237
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1580237

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5161

reference_id

CVE-2018-5161

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5161

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5161

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbvn-dx8r-ubfe

url VCID-swgj-zee2-x3hv

vulnerability_id VCID-swgj-zee2-x3hv

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:1414
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1414

reference_url	https://access.redhat.com/errata/RHSA-2018:1415
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1415

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5183.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5183

reference_id

reference_type

scores

value	0.03916
scoring_system	epss
scoring_elements	0.88312
published_at	2026-04-21T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88294
published_at	2026-04-08T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.883
published_at	2026-04-09T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.8831
published_at	2026-04-11T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88302
published_at	2026-04-13T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88315
published_at	2026-04-16T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88246
published_at	2026-04-01T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88254
published_at	2026-04-02T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88269
published_at	2026-04-04T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88274
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5183

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1454692
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1454692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://security.gentoo.org/glsa/201810-01
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201810-01

reference_url	https://www.debian.org/security/2018/dsa-4199
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4199

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-12/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-12/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104138
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104138

reference_url	http://www.securitytracker.com/id/1040898
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040898

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1576283
reference_id	1576283
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1576283

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5183

reference_id

CVE-2018-5183

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5183

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_id

mfsa2018-12

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5183

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-swgj-zee2-x3hv

url VCID-uds6-qahc-bqh7

vulnerability_id VCID-uds6-qahc-bqh7

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5184.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5184.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5184

reference_id

reference_type

scores

value	0.01035
scoring_system	epss
scoring_elements	0.77321
published_at	2026-04-01T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77411
published_at	2026-04-21T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77382
published_at	2026-04-12T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77379
published_at	2026-04-13T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.7742
published_at	2026-04-16T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77419
published_at	2026-04-18T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77328
published_at	2026-04-02T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77356
published_at	2026-04-04T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77337
published_at	2026-04-07T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77367
published_at	2026-04-08T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77377
published_at	2026-04-09T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77403
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5184

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1411592
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1411592

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104240
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104240

reference_url	http://www.securitytracker.com/id/1040946
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040946

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1580236
reference_id	1580236
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1580236

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898631
reference_id	898631
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898631

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5184

reference_id

CVE-2018-5184

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5184

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5184

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uds6-qahc-bqh7

url VCID-w44w-qwmk-mbbd

vulnerability_id VCID-w44w-qwmk-mbbd

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:1414
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1414

reference_url	https://access.redhat.com/errata/RHSA-2018:1415
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1415

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5154.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5154.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5154

reference_id

reference_type

scores

value	0.02921
scoring_system	epss
scoring_elements	0.86409
published_at	2026-04-21T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86378
published_at	2026-04-08T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86388
published_at	2026-04-09T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86401
published_at	2026-04-11T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.864
published_at	2026-04-12T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86394
published_at	2026-04-13T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86411
published_at	2026-04-16T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86416
published_at	2026-04-18T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86329
published_at	2026-04-01T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.8634
published_at	2026-04-02T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86358
published_at	2026-04-04T12:55:00Z

value	0.02921
scoring_system	epss
scoring_elements	0.86359
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5154

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1443092
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1443092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://security.gentoo.org/glsa/201810-01
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201810-01

reference_url	https://www.debian.org/security/2018/dsa-4199
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4199

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-11/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-11/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-12/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-12/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104136
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104136

reference_url	http://www.securitytracker.com/id/1040896
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040896

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1576255
reference_id	1576255
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1576255

reference_url	https://security.archlinux.org/ASA-201805-10
reference_id	ASA-201805-10
reference_type
scores
url	https://security.archlinux.org/ASA-201805-10

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-693

reference_id

AVG-693

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-693

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5154

reference_id

CVE-2018-5154

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5154

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_id

mfsa2018-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_id

mfsa2018-12

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3645-1/
reference_id	USN-3645-1
reference_type
scores
url	https://usn.ubuntu.com/3645-1/

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5154

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w44w-qwmk-mbbd

url VCID-yzys-pzzg-a7dk

vulnerability_id VCID-yzys-pzzg-a7dk

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:1414
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1414

reference_url	https://access.redhat.com/errata/RHSA-2018:1415
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1415

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5178.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5178.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5178

reference_id

reference_type

scores

value	0.18164
scoring_system	epss
scoring_elements	0.95202
published_at	2026-04-21T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.9518
published_at	2026-04-09T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95186
published_at	2026-04-12T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95189
published_at	2026-04-13T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95197
published_at	2026-04-16T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95201
published_at	2026-04-18T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95153
published_at	2026-04-01T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95164
published_at	2026-04-02T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95165
published_at	2026-04-04T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95169
published_at	2026-04-07T12:55:00Z

value	0.18164
scoring_system	epss
scoring_elements	0.95176
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5178

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1443891
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1443891

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://security.gentoo.org/glsa/201810-01
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201810-01

reference_url	https://www.debian.org/security/2018/dsa-4199
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4199

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-12/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-12/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104138
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104138

reference_url	http://www.securitytracker.com/id/1040898
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040898

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1576278
reference_id	1576278
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1576278

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5178

reference_id

CVE-2018-5178

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5178

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_id

mfsa2018-12

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5178

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yzys-pzzg-a7dk

url VCID-zfme-e3k1-afct

vulnerability_id VCID-zfme-e3k1-afct

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5162.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5162.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5162

reference_id

reference_type

scores

value	0.00918
scoring_system	epss
scoring_elements	0.75877
published_at	2026-04-01T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75957
published_at	2026-04-21T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75962
published_at	2026-04-11T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75932
published_at	2026-04-13T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.7597
published_at	2026-04-16T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75972
published_at	2026-04-18T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75881
published_at	2026-04-02T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75913
published_at	2026-04-04T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75893
published_at	2026-04-07T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75925
published_at	2026-04-08T12:55:00Z

value	0.00918
scoring_system	epss
scoring_elements	0.75939
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5162

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1457721
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1457721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

reference_url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

reference_url	https://www.debian.org/security/2018/dsa-4209
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4209

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-13/

reference_url	http://www.securityfocus.com/bid/104240
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104240

reference_url	http://www.securitytracker.com/id/1040946
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040946

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1580239
reference_id	1580239
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1580239

reference_url	https://security.archlinux.org/ASA-201805-21
reference_id	ASA-201805-21
reference_type
scores
url	https://security.archlinux.org/ASA-201805-21

reference_url

https://security.archlinux.org/AVG-707

reference_id

AVG-707

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-707

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5162

reference_id

CVE-2018-5162

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5162

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_id

mfsa2018-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

reference_url	https://access.redhat.com/errata/RHSA-2018:1725
reference_id	RHSA-2018:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1725

reference_url	https://access.redhat.com/errata/RHSA-2018:1726
reference_id	RHSA-2018:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1726

reference_url	https://usn.ubuntu.com/3660-1/
reference_id	USN-3660-1
reference_type
scores
url	https://usn.ubuntu.com/3660-1/

fixed_packages

url pkg:alpm/archlinux/thunderbird@52.8.0-1

purl pkg:alpm/archlinux/thunderbird@52.8.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-89t2-wzrw-nycq

vulnerability	VCID-a79m-8sp3-v3dh

vulnerability	VCID-bfdm-fkfv-nfch

vulnerability	VCID-buz6-pv1h-pkbx

vulnerability	VCID-csm4-qspw-83da

vulnerability	VCID-j7j8-g9du-mqfz

vulnerability	VCID-sr45-86k8-8ybs

vulnerability	VCID-u23v-7afk-qben

vulnerability	VCID-yh3z-a7ed-sugh

vulnerability	VCID-ym7a-e9b5-5ygm

vulnerability	VCID-z7uh-qqy6-hkgb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.8.0-1

aliases CVE-2018-5162

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zfme-e3k1-afct

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.7.0-2

Package Instance