Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox@58.0-1?distro=sid

Type deb

Namespace debian

Name firefox

Version 58.0-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 58.0.1-1

Latest_non_vulnerable_version 150.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2c5u-jbc5-27bg

vulnerability_id VCID-2c5u-jbc5-27bg

summary A use-after-free vulnerability can occur when arguments passed to the IsPotentiallyScrollable function are freed while still in use by scripts. This results in a potentially exploitable crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5100

reference_id

reference_type

scores

value	0.22039
scoring_system	epss
scoring_elements	0.95799
published_at	2026-04-21T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95745
published_at	2026-04-01T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95782
published_at	2026-04-13T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95792
published_at	2026-04-16T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95796
published_at	2026-04-18T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95755
published_at	2026-04-02T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95763
published_at	2026-04-04T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95766
published_at	2026-04-07T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95774
published_at	2026-04-08T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95777
published_at	2026-04-09T12:55:00Z

value	0.22039
scoring_system	epss
scoring_elements	0.95781
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5100

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1417405
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1417405

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5100

reference_id

CVE-2018-5100

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5100

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5100

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2c5u-jbc5-27bg

url VCID-4drw-dpmm-nbcg

vulnerability_id VCID-4drw-dpmm-nbcg

summary The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through file: URLs from the local file system. This loading is blocked by the sandbox but could expose local data if combined with another attack that escapes sandbox protections.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5118

reference_id

reference_type

scores

value	0.00506
scoring_system	epss
scoring_elements	0.66256
published_at	2026-04-21T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66146
published_at	2026-04-01T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66221
published_at	2026-04-13T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66257
published_at	2026-04-16T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66271
published_at	2026-04-18T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66188
published_at	2026-04-02T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66215
published_at	2026-04-04T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66184
published_at	2026-04-07T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66232
published_at	2026-04-08T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66245
published_at	2026-04-09T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66265
published_at	2026-04-11T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66252
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5118

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1420049
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1420049

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5118

reference_id

CVE-2018-5118

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5118

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5118

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4drw-dpmm-nbcg

url VCID-7hu9-yxju-9bae

vulnerability_id VCID-7hu9-yxju-9bae

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5099.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5099.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5099

reference_id

reference_type

scores

value	0.02974
scoring_system	epss
scoring_elements	0.86526
published_at	2026-04-21T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86505
published_at	2026-04-09T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86521
published_at	2026-04-11T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86517
published_at	2026-04-12T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86512
published_at	2026-04-13T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86527
published_at	2026-04-16T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86533
published_at	2026-04-18T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86448
published_at	2026-04-01T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86458
published_at	2026-04-02T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86477
published_at	2026-04-04T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86476
published_at	2026-04-07T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86495
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5099

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1416878
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1416878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537821
reference_id	1537821
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537821

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5099

reference_id

CVE-2018-5099

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5099

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5099

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7hu9-yxju-9bae

url VCID-8egk-yeg9-cbcn

vulnerability_id VCID-8egk-yeg9-cbcn

summary The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbitrary data cannot be read but it is possible that some local file information could be exposed.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5107

reference_id

reference_type

scores

value	0.01157
scoring_system	epss
scoring_elements	0.78589
published_at	2026-04-21T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78516
published_at	2026-04-01T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78564
published_at	2026-04-13T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78593
published_at	2026-04-16T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78592
published_at	2026-04-18T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78522
published_at	2026-04-02T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78553
published_at	2026-04-04T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78535
published_at	2026-04-07T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78562
published_at	2026-04-08T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78567
published_at	2026-04-09T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78591
published_at	2026-04-11T12:55:00Z

value	0.01157
scoring_system	epss
scoring_elements	0.78573
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5107

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1379276
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1379276

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5107

reference_id

CVE-2018-5107

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5107

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5107

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8egk-yeg9-cbcn

url VCID-8wuh-f43p-efee

vulnerability_id VCID-8wuh-f43p-efee

summary Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5112

reference_id

reference_type

scores

value	0.01411
scoring_system	epss
scoring_elements	0.80535
published_at	2026-04-21T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.8045
published_at	2026-04-01T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80502
published_at	2026-04-13T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80531
published_at	2026-04-16T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80532
published_at	2026-04-18T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80456
published_at	2026-04-02T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80477
published_at	2026-04-04T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80467
published_at	2026-04-07T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80496
published_at	2026-04-08T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80506
published_at	2026-04-09T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.80524
published_at	2026-04-11T12:55:00Z

value	0.01411
scoring_system	epss
scoring_elements	0.8051
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5112

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1425224
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1425224

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5112

reference_id

CVE-2018-5112

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5112

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5112

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8wuh-f43p-efee

url VCID-axd2-wt2a-fqcn

vulnerability_id VCID-axd2-wt2a-fqcn

summary WebExtensions with the ActiveTab permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5116

reference_id

reference_type

scores

value	0.00462
scoring_system	epss
scoring_elements	0.6423
published_at	2026-04-21T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64111
published_at	2026-04-01T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64196
published_at	2026-04-13T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64231
published_at	2026-04-16T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64242
published_at	2026-04-18T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64168
published_at	2026-04-02T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64195
published_at	2026-04-04T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64155
published_at	2026-04-07T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64205
published_at	2026-04-08T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64221
published_at	2026-04-09T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64235
published_at	2026-04-11T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64224
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5116

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1396399
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1396399

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5116

reference_id

CVE-2018-5116

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5116

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5116

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axd2-wt2a-fqcn

url VCID-b87w-p2r8-9uc2

vulnerability_id VCID-b87w-p2r8-9uc2

summary An audio capture session can started under an incorrect origin from the site making the capture request. Users are still prompted to allow the request but the prompt can display the wrong origin, leading to user confusion about which site is making the request to capture an audio stream.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5109

reference_id

reference_type

scores

value	0.00477
scoring_system	epss
scoring_elements	0.64977
published_at	2026-04-21T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64861
published_at	2026-04-01T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64945
published_at	2026-04-13T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64981
published_at	2026-04-16T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64993
published_at	2026-04-18T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64911
published_at	2026-04-02T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64938
published_at	2026-04-04T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64901
published_at	2026-04-07T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64951
published_at	2026-04-08T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64966
published_at	2026-04-09T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64983
published_at	2026-04-11T12:55:00Z

value	0.00477
scoring_system	epss
scoring_elements	0.64973
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5109

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1405599
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1405599

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5109

reference_id

CVE-2018-5109

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5109

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5109

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b87w-p2r8-9uc2

url VCID-bm8j-1dxt-q3a8

vulnerability_id VCID-bm8j-1dxt-q3a8

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5103.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5103.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5103

reference_id

reference_type

scores

value	0.02935
scoring_system	epss
scoring_elements	0.86441
published_at	2026-04-21T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86419
published_at	2026-04-09T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86433
published_at	2026-04-11T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86431
published_at	2026-04-12T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86426
published_at	2026-04-13T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86442
published_at	2026-04-16T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86447
published_at	2026-04-18T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86361
published_at	2026-04-01T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86371
published_at	2026-04-02T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86389
published_at	2026-04-04T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.8639
published_at	2026-04-07T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86409
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5103

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1423159
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1423159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537823
reference_id	1537823
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537823

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5103

reference_id

CVE-2018-5103

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5103

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5103

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bm8j-1dxt-q3a8

url VCID-bp4q-baaa-t7at

vulnerability_id VCID-bp4q-baaa-t7at

summary A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5092

reference_id

reference_type

scores

value	0.01772
scoring_system	epss
scoring_elements	0.82699
published_at	2026-04-21T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82591
published_at	2026-04-01T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82658
published_at	2026-04-13T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82695
published_at	2026-04-16T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82696
published_at	2026-04-18T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82605
published_at	2026-04-02T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82621
published_at	2026-04-04T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82616
published_at	2026-04-07T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82643
published_at	2026-04-08T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.8265
published_at	2026-04-09T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82668
published_at	2026-04-11T12:55:00Z

value	0.01772
scoring_system	epss
scoring_elements	0.82662
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5092

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1418074
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1418074

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5092

reference_id

CVE-2018-5092

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5092

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5092

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bp4q-baaa-t7at

url VCID-bpsj-5ap7-zuhq

vulnerability_id VCID-bpsj-5ap7-zuhq

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5097.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5097.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5097

reference_id

reference_type

scores

value	0.24112
scoring_system	epss
scoring_elements	0.96085
published_at	2026-04-21T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96064
published_at	2026-04-09T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96067
published_at	2026-04-11T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96066
published_at	2026-04-12T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96069
published_at	2026-04-13T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96079
published_at	2026-04-16T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96084
published_at	2026-04-18T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96032
published_at	2026-04-01T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96039
published_at	2026-04-02T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96046
published_at	2026-04-04T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96051
published_at	2026-04-07T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96061
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5097

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1387427
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1387427

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537819
reference_id	1537819
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537819

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5097

reference_id

CVE-2018-5097

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5097

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5097

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bpsj-5ap7-zuhq

url VCID-ef4k-zer6-bfcz

vulnerability_id VCID-ef4k-zer6-bfcz

summary When the text of a specially formatted URL is dragged to the addressbar from page content, the displayed URL can be spoofed to show a different site than the one loaded. This allows for phishing attacks where a malicious page can spoof the identify of another site.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5111

reference_id

reference_type

scores

value	0.00781
scoring_system	epss
scoring_elements	0.7374
published_at	2026-04-18T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73639
published_at	2026-04-01T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73697
published_at	2026-04-12T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73688
published_at	2026-04-13T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73732
published_at	2026-04-21T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73649
published_at	2026-04-02T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73673
published_at	2026-04-04T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73645
published_at	2026-04-07T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73681
published_at	2026-04-08T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73694
published_at	2026-04-09T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73715
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5111

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1321619
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1321619

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5111

reference_id

CVE-2018-5111

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5111

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5111

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ef4k-zer6-bfcz

url VCID-gnv6-wz2h-e3fj

vulnerability_id VCID-gnv6-wz2h-e3fj

summary A heap buffer overflow vulnerability may occur in WebAssembly when shrinkElements is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5094

reference_id

reference_type

scores

value	0.3543
scoring_system	epss
scoring_elements	0.97068
published_at	2026-04-21T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97023
published_at	2026-04-01T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97049
published_at	2026-04-13T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.9706
published_at	2026-04-16T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97063
published_at	2026-04-18T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.9703
published_at	2026-04-02T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97034
published_at	2026-04-07T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97044
published_at	2026-04-08T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97045
published_at	2026-04-09T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97048
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5094

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1415883
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1415883

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5094

reference_id

CVE-2018-5094

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5094

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5094

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gnv6-wz2h-e3fj

url VCID-hsy2-jvn8-s3gs

vulnerability_id VCID-hsy2-jvn8-s3gs

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5089.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5089.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5089

reference_id

reference_type

scores

value	0.02992
scoring_system	epss
scoring_elements	0.86563
published_at	2026-04-21T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86546
published_at	2026-04-09T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.8656
published_at	2026-04-11T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86557
published_at	2026-04-12T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.8655
published_at	2026-04-13T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86565
published_at	2026-04-16T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.8657
published_at	2026-04-18T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86488
published_at	2026-04-01T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86498
published_at	2026-04-02T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86517
published_at	2026-04-04T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86516
published_at	2026-04-07T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86536
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5089

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1412420%2C1426783%2C1422389%2C1415598%2C1410134%2C1408017%2C1224396%2C1382366%2C1415582%2C1417797%2C1409951%2C1414452%2C1428589%2C1425780%2C1399520%2C1418854%2C1408276%2C1412145%2C1331209%2C1425612
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1412420%2C1426783%2C1422389%2C1415598%2C1410134%2C1408017%2C1224396%2C1382366%2C1415582%2C1417797%2C1409951%2C1414452%2C1428589%2C1425780%2C1399520%2C1418854%2C1408276%2C1412145%2C1331209%2C1425612

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537417
reference_id	1537417
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537417

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5089

reference_id

CVE-2018-5089

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5089

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

reference_url	https://usn.ubuntu.com/3688-1/
reference_id	USN-3688-1
reference_type
scores
url	https://usn.ubuntu.com/3688-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5089

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hsy2-jvn8-s3gs

url VCID-htrf-wxeh-cyha

vulnerability_id VCID-htrf-wxeh-cyha

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5098.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5098.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5098

reference_id

reference_type

scores

value	0.02935
scoring_system	epss
scoring_elements	0.86441
published_at	2026-04-21T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86419
published_at	2026-04-09T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86433
published_at	2026-04-11T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86431
published_at	2026-04-12T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86426
published_at	2026-04-13T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86442
published_at	2026-04-16T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86447
published_at	2026-04-18T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86361
published_at	2026-04-01T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86371
published_at	2026-04-02T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86389
published_at	2026-04-04T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.8639
published_at	2026-04-07T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86409
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5098

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1399400
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1399400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537820
reference_id	1537820
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537820

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5098

reference_id

CVE-2018-5098

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5098

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5098

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-htrf-wxeh-cyha

url VCID-kckx-uwcw-8bbz

vulnerability_id VCID-kckx-uwcw-8bbz

summary A use-after-free vulnerability can occur when manipulating floating first-letter style elements, resulting in a potentially exploitable crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5101

reference_id

reference_type

scores

value	0.01534
scoring_system	epss
scoring_elements	0.81368
published_at	2026-04-21T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.81267
published_at	2026-04-01T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.81336
published_at	2026-04-12T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.81328
published_at	2026-04-13T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.81365
published_at	2026-04-16T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.81276
published_at	2026-04-02T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.81298
published_at	2026-04-04T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.81296
published_at	2026-04-07T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.81325
published_at	2026-04-08T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.8133
published_at	2026-04-09T12:55:00Z

value	0.01534
scoring_system	epss
scoring_elements	0.8135
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5101

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1417661
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1417661

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5101

reference_id

CVE-2018-5101

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5101

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5101

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kckx-uwcw-8bbz

url VCID-m2cy-38ne-87dy

vulnerability_id VCID-m2cy-38ne-87dy

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5117.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5117.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5117

reference_id

reference_type

scores

value	0.02154
scoring_system	epss
scoring_elements	0.84284
published_at	2026-04-21T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84249
published_at	2026-04-09T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84267
published_at	2026-04-11T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84261
published_at	2026-04-12T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84258
published_at	2026-04-13T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.8428
published_at	2026-04-16T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84281
published_at	2026-04-18T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84189
published_at	2026-04-01T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84202
published_at	2026-04-02T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84219
published_at	2026-04-04T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.8422
published_at	2026-04-07T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84242
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5117

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1395508
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1395508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537825
reference_id	1537825
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5117

reference_id

CVE-2018-5117

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5117

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5117

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2cy-38ne-87dy

url VCID-mfsd-3nxb-3keu

vulnerability_id VCID-mfsd-3nxb-3keu

summary The browser.identity.launchWebAuthFlow function of WebExtensions is only allowed to load content over https: but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5113

reference_id

reference_type

scores

value	0.01419
scoring_system	epss
scoring_elements	0.80609
published_at	2026-04-21T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.8052
published_at	2026-04-01T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80575
published_at	2026-04-13T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80604
published_at	2026-04-16T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80606
published_at	2026-04-18T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80526
published_at	2026-04-02T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80548
published_at	2026-04-04T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.8054
published_at	2026-04-07T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80569
published_at	2026-04-08T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80579
published_at	2026-04-09T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80596
published_at	2026-04-11T12:55:00Z

value	0.01419
scoring_system	epss
scoring_elements	0.80583
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5113

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1425267
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1425267

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5113

reference_id

CVE-2018-5113

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5113

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5113

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mfsd-3nxb-3keu

url VCID-nyhm-tguf-gkat

vulnerability_id VCID-nyhm-tguf-gkat

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5104.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5104.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5104

reference_id

reference_type

scores

value	0.24112
scoring_system	epss
scoring_elements	0.96085
published_at	2026-04-21T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96064
published_at	2026-04-09T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96067
published_at	2026-04-11T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96066
published_at	2026-04-12T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96069
published_at	2026-04-13T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96079
published_at	2026-04-16T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96084
published_at	2026-04-18T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96032
published_at	2026-04-01T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96039
published_at	2026-04-02T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96046
published_at	2026-04-04T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96051
published_at	2026-04-07T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96061
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5104

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1425000
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1425000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537824
reference_id	1537824
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537824

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5104

reference_id

CVE-2018-5104

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5104

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5104

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nyhm-tguf-gkat

url VCID-pucy-jyfx-ryb5

vulnerability_id VCID-pucy-jyfx-ryb5

summary If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the originating site of the authentication request and may cause users to mistakenly send private credential information to a third party site.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5115

reference_id

reference_type

scores

value	0.0171
scoring_system	epss
scoring_elements	0.82371
published_at	2026-04-21T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82264
published_at	2026-04-01T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82333
published_at	2026-04-13T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82367
published_at	2026-04-16T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82368
published_at	2026-04-18T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82277
published_at	2026-04-02T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82297
published_at	2026-04-04T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82291
published_at	2026-04-07T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82318
published_at	2026-04-08T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82325
published_at	2026-04-09T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82345
published_at	2026-04-11T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82339
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5115

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1409449
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1409449

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5115

reference_id

CVE-2018-5115

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5115

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5115

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pucy-jyfx-ryb5

url VCID-rw3y-swwt-2kef

vulnerability_id VCID-rw3y-swwt-2kef

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5091.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5091.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5091

reference_id

reference_type

scores

value	0.02595
scoring_system	epss
scoring_elements	0.85621
published_at	2026-04-21T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85604
published_at	2026-04-11T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85601
published_at	2026-04-12T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85597
published_at	2026-04-13T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85619
published_at	2026-04-16T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85625
published_at	2026-04-18T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85525
published_at	2026-04-01T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85537
published_at	2026-04-02T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85554
published_at	2026-04-04T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.8556
published_at	2026-04-07T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.8558
published_at	2026-04-08T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.8559
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5091

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1423086
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1423086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537814
reference_id	1537814
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537814

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5091

reference_id

CVE-2018-5091

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5091

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5091

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rw3y-swwt-2kef

url VCID-saht-cs9w-h7h7

vulnerability_id VCID-saht-cs9w-h7h7

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5095.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5095.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5095

reference_id

reference_type

scores

value	0.02935
scoring_system	epss
scoring_elements	0.86441
published_at	2026-04-21T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86419
published_at	2026-04-09T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86433
published_at	2026-04-11T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86431
published_at	2026-04-12T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86426
published_at	2026-04-13T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86442
published_at	2026-04-16T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86447
published_at	2026-04-18T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86361
published_at	2026-04-01T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86371
published_at	2026-04-02T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86389
published_at	2026-04-04T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.8639
published_at	2026-04-07T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86409
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5095

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1418447
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1418447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537817
reference_id	1537817
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537817

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5095

reference_id

CVE-2018-5095

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5095

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5095

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-saht-cs9w-h7h7

url VCID-swar-qa2u-x3a2

vulnerability_id VCID-swar-qa2u-x3a2

summary The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5119

reference_id

reference_type

scores

value	0.00431
scoring_system	epss
scoring_elements	0.62596
published_at	2026-04-21T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62459
published_at	2026-04-01T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62565
published_at	2026-04-13T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62607
published_at	2026-04-16T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62614
published_at	2026-04-18T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62517
published_at	2026-04-02T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62549
published_at	2026-04-04T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62515
published_at	2026-04-07T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62566
published_at	2026-04-08T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62582
published_at	2026-04-09T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.626
published_at	2026-04-11T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62588
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5119

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1420507
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1420507

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5119

reference_id

CVE-2018-5119

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5119

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5119

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-swar-qa2u-x3a2

url VCID-udxt-xuh1-vudp

vulnerability_id VCID-udxt-xuh1-vudp

summary Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5106

reference_id

reference_type

scores

value	0.00454
scoring_system	epss
scoring_elements	0.63847
published_at	2026-04-18T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63723
published_at	2026-04-01T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63836
published_at	2026-04-21T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63803
published_at	2026-04-13T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63838
published_at	2026-04-16T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63785
published_at	2026-04-02T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63811
published_at	2026-04-04T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63768
published_at	2026-04-07T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63819
published_at	2026-04-08T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63837
published_at	2026-04-09T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.6385
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5106

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1408708
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1408708

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5106

reference_id

CVE-2018-5106

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5106

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5106

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-udxt-xuh1-vudp

url VCID-ugsu-2fav-4bdp

vulnerability_id VCID-ugsu-2fav-4bdp

summary If an existing cookie is changed to be HttpOnly while a document is open, the original value remains accessible through script until that document is closed. Network requests correctly use the changed HttpOnly cookie.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5114

reference_id

reference_type

scores

value	0.00471
scoring_system	epss
scoring_elements	0.64626
published_at	2026-04-21T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64513
published_at	2026-04-01T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64622
published_at	2026-04-12T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64629
published_at	2026-04-16T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.6464
published_at	2026-04-18T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64566
published_at	2026-04-02T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64594
published_at	2026-04-13T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64552
published_at	2026-04-07T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64601
published_at	2026-04-08T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64617
published_at	2026-04-09T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64635
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5114

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1421324
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1421324

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5114

reference_id

CVE-2018-5114

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5114

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5114

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ugsu-2fav-4bdp

url VCID-uwrq-mzhx-bfah

vulnerability_id VCID-uwrq-mzhx-bfah

summary A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5093

reference_id

reference_type

scores

value	0.21878
scoring_system	epss
scoring_elements	0.95776
published_at	2026-04-21T12:55:00Z

value	0.21878
scoring_system	epss
scoring_elements	0.95774
published_at	2026-04-18T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.9703
published_at	2026-04-02T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97034
published_at	2026-04-07T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97044
published_at	2026-04-08T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97023
published_at	2026-04-01T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97048
published_at	2026-04-11T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97049
published_at	2026-04-13T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.9706
published_at	2026-04-16T12:55:00Z

value	0.3543
scoring_system	epss
scoring_elements	0.97045
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5093

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1415291
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1415291

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5093

reference_id

CVE-2018-5093

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5093

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5093

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwrq-mzhx-bfah

url VCID-x4bd-bxc4-x3hk

vulnerability_id VCID-x4bd-bxc4-x3hk

summary WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file. This can result in an executable file running with local user privileges without explicit user consent.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5105

reference_id

reference_type

scores

value	0.00068
scoring_system	epss
scoring_elements	0.20824
published_at	2026-04-21T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20877
published_at	2026-04-01T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20859
published_at	2026-04-13T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.2085
published_at	2026-04-16T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20842
published_at	2026-04-18T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21027
published_at	2026-04-02T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21083
published_at	2026-04-04T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20799
published_at	2026-04-07T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20879
published_at	2026-04-08T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.2094
published_at	2026-04-09T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20956
published_at	2026-04-11T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20913
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5105

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1390882
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1390882

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5105

reference_id

CVE-2018-5105

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5105

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5105

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4bd-bxc4-x3hk

url VCID-xbv2-t3r6-y3f9

vulnerability_id VCID-xbv2-t3r6-y3f9

summary Mozilla developers and community members Calixte Denizet, Christian Holler, Alex Gaynor, Yoshi Huang, Bob Clary, Nils Ohlmeier, Jason Kratzer, Jesse Ruderman, Philipp, Mike Taylor, Marcia Knous, Paul Adenot, Randell Jesup, JW Wang, Tyson Smith, Emilio Cobos Álvarez, Ted Campbell, Stephen Fewer, Tristan Bourvon, and Jet Villegas reported memory safety bugs present in Firefox 57. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5090

reference_id

reference_type

scores

value	0.02026
scoring_system	epss
scoring_elements	0.83815
published_at	2026-04-21T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83714
published_at	2026-04-01T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83784
published_at	2026-04-12T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.8378
published_at	2026-04-13T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83814
published_at	2026-04-16T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83728
published_at	2026-04-02T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83742
published_at	2026-04-04T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83744
published_at	2026-04-07T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83768
published_at	2026-04-08T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83774
published_at	2026-04-09T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.8379
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5090

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1413857%2C1412653%2C1418966%2C1427126%2C1412942%2C1401459%2C1364399%2C1382851%2C1423770%2C1401420%2C1281965%2C1389561%2C1409179%2C1416879%2C1421786%2C1426449%2C1416799%2C1400912%2C1415158%2C1415748%2C1415788%2C1371891%2C1415770%2C1416519%2C1413143%2C1418841%2C1384544%2C1410140%2C1411631%2C1412313%2C1412641%2C1412645%2C1412646%2C1412648%2C1261175
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1413857%2C1412653%2C1418966%2C1427126%2C1412942%2C1401459%2C1364399%2C1382851%2C1423770%2C1401420%2C1281965%2C1389561%2C1409179%2C1416879%2C1421786%2C1426449%2C1416799%2C1400912%2C1415158%2C1415748%2C1415788%2C1371891%2C1415770%2C1416519%2C1413143%2C1418841%2C1384544%2C1410140%2C1411631%2C1412313%2C1412641%2C1412645%2C1412646%2C1412648%2C1261175

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5090

reference_id

CVE-2018-5090

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5090

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5090

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbv2-t3r6-y3f9

url VCID-xueh-djk7-63gx

vulnerability_id VCID-xueh-djk7-63gx

summary A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. This could allow for the leaking of private information specific to the private browsing context. This issue is mitigated by the requirement that the user enter the Blob URL manually in order for the access violation to occur.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5108

reference_id

reference_type

scores

value	0.00304
scoring_system	epss
scoring_elements	0.53703
published_at	2026-04-21T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53595
published_at	2026-04-01T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.5368
published_at	2026-04-13T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53717
published_at	2026-04-16T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53722
published_at	2026-04-18T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53619
published_at	2026-04-02T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53647
published_at	2026-04-04T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53615
published_at	2026-04-07T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53666
published_at	2026-04-08T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53664
published_at	2026-04-09T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53713
published_at	2026-04-11T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53697
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5108

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1421099
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1421099

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5108

reference_id

CVE-2018-5108

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5108

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5108

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xueh-djk7-63gx

url VCID-yehu-smcf-myhs

vulnerability_id VCID-yehu-smcf-myhs

summary A potential integer overflow in the DoCrypt function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5122

reference_id

reference_type

scores

value	0.02388
scoring_system	epss
scoring_elements	0.85036
published_at	2026-04-21T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.8494
published_at	2026-04-01T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85016
published_at	2026-04-13T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85037
published_at	2026-04-16T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85039
published_at	2026-04-18T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.84954
published_at	2026-04-02T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.84971
published_at	2026-04-04T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.84975
published_at	2026-04-07T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.84998
published_at	2026-04-08T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85005
published_at	2026-04-09T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85021
published_at	2026-04-11T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85019
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5122

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1413841
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1413841

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102786

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5122

reference_id

CVE-2018-5122

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5122

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5122

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yehu-smcf-myhs

url VCID-zh6f-rvv2-sbfu

vulnerability_id VCID-zh6f-rvv2-sbfu

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5102.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5102.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5102

reference_id

reference_type

scores

value	0.24112
scoring_system	epss
scoring_elements	0.96085
published_at	2026-04-21T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96064
published_at	2026-04-09T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96067
published_at	2026-04-11T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96066
published_at	2026-04-12T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96069
published_at	2026-04-13T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96079
published_at	2026-04-16T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96084
published_at	2026-04-18T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96032
published_at	2026-04-01T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96039
published_at	2026-04-02T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96046
published_at	2026-04-04T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96051
published_at	2026-04-07T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96061
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5102

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1419363
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1419363

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537822
reference_id	1537822
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537822

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5102

reference_id

CVE-2018-5102

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5102

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:deb/debian/firefox@58.0-1?distro=sid
purl	pkg:deb/debian/firefox@58.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-5102

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zh6f-rvv2-sbfu

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@58.0-1%3Fdistro=sid

Package Instance