Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox@62.0-1?distro=sid

Type deb

Namespace debian

Name firefox

Version 62.0-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 62.0.2-1

Latest_non_vulnerable_version 150.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-bccq-jn4j-8qd8

vulnerability_id VCID-bccq-jn4j-8qd8

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16541.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16541.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16541

reference_id

reference_type

scores

value	0.04526
scoring_system	epss
scoring_elements	0.89177
published_at	2026-04-16T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89164
published_at	2026-04-13T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89112
published_at	2026-04-01T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89167
published_at	2026-04-12T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89171
published_at	2026-04-11T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89161
published_at	2026-04-09T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89155
published_at	2026-04-08T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.8912
published_at	2026-04-02T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89138
published_at	2026-04-07T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89135
published_at	2026-04-04T12:55:00Z

value	0.07687
scoring_system	epss
scoring_elements	0.91923
published_at	2026-04-21T12:55:00Z

value	0.07687
scoring_system	epss
scoring_elements	0.91926
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16541

reference_url	https://blog.torproject.org/tor-browser-709-released
reference_id
reference_type
scores
url	https://blog.torproject.org/tor-browser-709-released

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1412081
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1412081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html

reference_url	https://security.gentoo.org/glsa/201810-01
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201810-01

reference_url	https://trac.torproject.org/projects/tor/ticket/24052
reference_id
reference_type
scores
url	https://trac.torproject.org/projects/tor/ticket/24052

reference_url	https://www.bleepingcomputer.com/news/security/tormoil-vulnerability-leaks-real-ip-address-from-tor-browser-users/
reference_id
reference_type
scores
url	https://www.bleepingcomputer.com/news/security/tormoil-vulnerability-leaks-real-ip-address-from-tor-browser-users/

reference_url	https://www.debian.org/security/2018/dsa-4327
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4327

reference_url	https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-security-vulnerability/
reference_id
reference_type
scores
url	https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-security-vulnerability/

reference_url	http://www.securityfocus.com/bid/101665
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101665

reference_url	http://www.securitytracker.com/id/1041610
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1041610

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1510816
reference_id	1510816
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1510816

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor::::::::
reference_id	cpe:2.3:a:torproject:tor::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:-:::::::*
reference_id	cpe:2.3:o:apple:macos:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:::::::*
reference_id	cpe:2.3:o:linux:linux_kernel:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-16541

reference_id

CVE-2017-16541

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16541

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_id

mfsa2018-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_id

mfsa2018-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_id

mfsa2018-25

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_url	https://access.redhat.com/errata/RHSA-2018:2692
reference_id	RHSA-2018:2692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2692

reference_url	https://access.redhat.com/errata/RHSA-2018:2693
reference_id	RHSA-2018:2693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2693

reference_url	https://access.redhat.com/errata/RHSA-2018:3403
reference_id	RHSA-2018:3403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3403

reference_url	https://access.redhat.com/errata/RHSA-2018:3458
reference_id	RHSA-2018:3458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3458

fixed_packages

url	pkg:deb/debian/firefox@62.0-1?distro=sid
purl	pkg:deb/debian/firefox@62.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2017-16541

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bccq-jn4j-8qd8

url VCID-f4pn-vjxk-ybfx

vulnerability_id VCID-f4pn-vjxk-ybfx

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12379.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12379.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12379

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26943
published_at	2026-04-21T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27097
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27053
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26996
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27005
published_at	2026-04-16T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26979
published_at	2026-04-18T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27111
published_at	2026-04-01T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27152
published_at	2026-04-02T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27188
published_at	2026-04-04T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.2698
published_at	2026-04-07T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27048
published_at	2026-04-08T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27094
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625528
reference_id	1625528
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625528

reference_url	https://security.archlinux.org/ASA-201810-13
reference_id	ASA-201810-13
reference_type
scores
url	https://security.archlinux.org/ASA-201810-13

reference_url

https://security.archlinux.org/AVG-782

reference_id

AVG-782

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-782

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_id

mfsa2018-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_id

mfsa2018-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_id

mfsa2018-25

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_url	https://access.redhat.com/errata/RHSA-2018:2692
reference_id	RHSA-2018:2692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2692

reference_url	https://access.redhat.com/errata/RHSA-2018:2693
reference_id	RHSA-2018:2693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2693

reference_url	https://access.redhat.com/errata/RHSA-2018:3403
reference_id	RHSA-2018:3403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3403

reference_url	https://access.redhat.com/errata/RHSA-2018:3458
reference_id	RHSA-2018:3458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3458

fixed_packages

url	pkg:deb/debian/firefox@62.0-1?distro=sid
purl	pkg:deb/debian/firefox@62.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-12379

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f4pn-vjxk-ybfx

url VCID-gr1m-pdaw-a3h1

vulnerability_id VCID-gr1m-pdaw-a3h1

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12377.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12377.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12377

reference_id

reference_type

scores

value	0.03107
scoring_system	epss
scoring_elements	0.86836
published_at	2026-04-21T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86825
published_at	2026-04-11T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86822
published_at	2026-04-12T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86817
published_at	2026-04-13T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86833
published_at	2026-04-16T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86837
published_at	2026-04-18T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86756
published_at	2026-04-01T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86767
published_at	2026-04-02T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86786
published_at	2026-04-04T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86783
published_at	2026-04-07T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86803
published_at	2026-04-08T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86812
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625526
reference_id	1625526
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625526

reference_url	https://security.archlinux.org/ASA-201810-13
reference_id	ASA-201810-13
reference_type
scores
url	https://security.archlinux.org/ASA-201810-13

reference_url

https://security.archlinux.org/AVG-782

reference_id

AVG-782

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-782

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_id

mfsa2018-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_id

mfsa2018-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_id

mfsa2018-25

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_url	https://access.redhat.com/errata/RHSA-2018:2692
reference_id	RHSA-2018:2692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2692

reference_url	https://access.redhat.com/errata/RHSA-2018:2693
reference_id	RHSA-2018:2693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2693

reference_url	https://access.redhat.com/errata/RHSA-2018:3403
reference_id	RHSA-2018:3403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3403

reference_url	https://access.redhat.com/errata/RHSA-2018:3458
reference_id	RHSA-2018:3458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3458

reference_url	https://usn.ubuntu.com/3761-1/
reference_id	USN-3761-1
reference_type
scores
url	https://usn.ubuntu.com/3761-1/

reference_url	https://usn.ubuntu.com/3793-1/
reference_id	USN-3793-1
reference_type
scores
url	https://usn.ubuntu.com/3793-1/

fixed_packages

url	pkg:deb/debian/firefox@62.0-1?distro=sid
purl	pkg:deb/debian/firefox@62.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-12377

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gr1m-pdaw-a3h1

url VCID-kbqr-p81f-k3ch

vulnerability_id VCID-kbqr-p81f-k3ch

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12383.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12383.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12383

reference_id

reference_type

scores

value	0.0008
scoring_system	epss
scoring_elements	0.23534
published_at	2026-04-21T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23606
published_at	2026-04-12T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.2355
published_at	2026-04-13T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23561
published_at	2026-04-16T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23554
published_at	2026-04-18T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23532
published_at	2026-04-01T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23692
published_at	2026-04-02T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23734
published_at	2026-04-04T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23515
published_at	2026-04-07T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23587
published_at	2026-04-08T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23633
published_at	2026-04-09T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23648
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625531
reference_id	1625531
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625531

reference_url	https://security.archlinux.org/ASA-201810-13
reference_id	ASA-201810-13
reference_type
scores
url	https://security.archlinux.org/ASA-201810-13

reference_url

https://security.archlinux.org/AVG-782

reference_id

AVG-782

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-782

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_id

mfsa2018-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-23

reference_id

mfsa2018-23

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-23

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_id

mfsa2018-25

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_url	https://access.redhat.com/errata/RHSA-2018:2834
reference_id	RHSA-2018:2834
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2834

reference_url	https://access.redhat.com/errata/RHSA-2018:2835
reference_id	RHSA-2018:2835
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2835

reference_url	https://access.redhat.com/errata/RHSA-2018:3403
reference_id	RHSA-2018:3403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3403

reference_url	https://access.redhat.com/errata/RHSA-2018:3458
reference_id	RHSA-2018:3458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3458

reference_url	https://usn.ubuntu.com/3761-1/
reference_id	USN-3761-1
reference_type
scores
url	https://usn.ubuntu.com/3761-1/

reference_url	https://usn.ubuntu.com/3793-1/
reference_id	USN-3793-1
reference_type
scores
url	https://usn.ubuntu.com/3793-1/

fixed_packages

url	pkg:deb/debian/firefox@62.0-1?distro=sid
purl	pkg:deb/debian/firefox@62.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-12383

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kbqr-p81f-k3ch

url VCID-pryc-r9jn-9bds

vulnerability_id VCID-pryc-r9jn-9bds

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12378.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12378.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12378

reference_id

reference_type

scores

value	0.03107
scoring_system	epss
scoring_elements	0.86836
published_at	2026-04-21T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86825
published_at	2026-04-11T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86822
published_at	2026-04-12T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86817
published_at	2026-04-13T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86833
published_at	2026-04-16T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86837
published_at	2026-04-18T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86756
published_at	2026-04-01T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86767
published_at	2026-04-02T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86786
published_at	2026-04-04T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86783
published_at	2026-04-07T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86803
published_at	2026-04-08T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86812
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625527
reference_id	1625527
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625527

reference_url	https://security.archlinux.org/ASA-201810-13
reference_id	ASA-201810-13
reference_type
scores
url	https://security.archlinux.org/ASA-201810-13

reference_url

https://security.archlinux.org/AVG-782

reference_id

AVG-782

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-782

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_id

mfsa2018-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_id

mfsa2018-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_id

mfsa2018-25

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_url	https://access.redhat.com/errata/RHSA-2018:2692
reference_id	RHSA-2018:2692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2692

reference_url	https://access.redhat.com/errata/RHSA-2018:2693
reference_id	RHSA-2018:2693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2693

reference_url	https://access.redhat.com/errata/RHSA-2018:3403
reference_id	RHSA-2018:3403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3403

reference_url	https://access.redhat.com/errata/RHSA-2018:3458
reference_id	RHSA-2018:3458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3458

reference_url	https://usn.ubuntu.com/3761-1/
reference_id	USN-3761-1
reference_type
scores
url	https://usn.ubuntu.com/3761-1/

reference_url	https://usn.ubuntu.com/3793-1/
reference_id	USN-3793-1
reference_type
scores
url	https://usn.ubuntu.com/3793-1/

fixed_packages

url	pkg:deb/debian/firefox@62.0-1?distro=sid
purl	pkg:deb/debian/firefox@62.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-12378

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pryc-r9jn-9bds

url VCID-rhdv-jxvv-5yb2

vulnerability_id VCID-rhdv-jxvv-5yb2

summary A same-origin policy violation allowing the theft of cross-origin URL entries when using a <meta> meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18499.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18499.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-18499

reference_id

reference_type

scores

value	0.0012
scoring_system	epss
scoring_elements	0.30865
published_at	2026-04-21T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.30899
published_at	2026-04-18T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41817
published_at	2026-04-07T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41794
published_at	2026-04-01T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41877
published_at	2026-04-09T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41901
published_at	2026-04-11T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41866
published_at	2026-04-12T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41853
published_at	2026-04-13T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41903
published_at	2026-04-16T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41859
published_at	2026-04-02T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41889
published_at	2026-04-04T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41867
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-18499

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1468523
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1468523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-20/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-20/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-25/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-25/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849971
reference_id	1849971
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849971

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
reference_id	cpe:2.3:a:mozilla:firefox_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-18499

reference_id

CVE-2018-18499

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-18499

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_id

mfsa2018-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_id

mfsa2018-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_id

mfsa2018-25

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_url	https://access.redhat.com/errata/RHSA-2018:2692
reference_id	RHSA-2018:2692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2692

reference_url	https://access.redhat.com/errata/RHSA-2018:2693
reference_id	RHSA-2018:2693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2693

reference_url	https://access.redhat.com/errata/RHSA-2018:3403
reference_id	RHSA-2018:3403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3403

reference_url	https://access.redhat.com/errata/RHSA-2018:3458
reference_id	RHSA-2018:3458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3458

fixed_packages

url	pkg:deb/debian/firefox@62.0-1?distro=sid
purl	pkg:deb/debian/firefox@62.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-18499

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhdv-jxvv-5yb2

url VCID-uvuc-b1rh-pkaq

vulnerability_id VCID-uvuc-b1rh-pkaq

summary Mozilla developers and community members Christian Holler, Looben Yang, Jesse Ruderman, Sebastian Hengst, Nicolas Grunbaum, and Gary Kwong reported memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12375.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12375.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12375

reference_id

reference_type

scores

value	0.00512
scoring_system	epss
scoring_elements	0.66382
published_at	2026-04-01T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66421
published_at	2026-04-02T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66447
published_at	2026-04-04T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66418
published_at	2026-04-07T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66466
published_at	2026-04-08T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.6648
published_at	2026-04-09T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.665
published_at	2026-04-11T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66487
published_at	2026-04-12T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66456
published_at	2026-04-13T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66491
published_at	2026-04-16T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66508
published_at	2026-04-18T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66493
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12375

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625524
reference_id	1625524
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625524

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_id

mfsa2018-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_url	https://usn.ubuntu.com/3761-1/
reference_id	USN-3761-1
reference_type
scores
url	https://usn.ubuntu.com/3761-1/

fixed_packages

url	pkg:deb/debian/firefox@62.0-1?distro=sid
purl	pkg:deb/debian/firefox@62.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-12375

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvuc-b1rh-pkaq

url VCID-wj3c-xpra-vffj

vulnerability_id VCID-wj3c-xpra-vffj

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12376.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12376.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12376

reference_id

reference_type

scores

value	0.03107
scoring_system	epss
scoring_elements	0.86836
published_at	2026-04-21T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86825
published_at	2026-04-11T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86822
published_at	2026-04-12T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86817
published_at	2026-04-13T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86833
published_at	2026-04-16T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86837
published_at	2026-04-18T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86756
published_at	2026-04-01T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86767
published_at	2026-04-02T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86786
published_at	2026-04-04T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86783
published_at	2026-04-07T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86803
published_at	2026-04-08T12:55:00Z

value	0.03107
scoring_system	epss
scoring_elements	0.86812
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625525
reference_id	1625525
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625525

reference_url	https://security.archlinux.org/ASA-201810-13
reference_id	ASA-201810-13
reference_type
scores
url	https://security.archlinux.org/ASA-201810-13

reference_url

https://security.archlinux.org/AVG-782

reference_id

AVG-782

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-782

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_id

mfsa2018-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_id

mfsa2018-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_id

mfsa2018-25

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-25

reference_url	https://access.redhat.com/errata/RHSA-2018:2692
reference_id	RHSA-2018:2692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2692

reference_url	https://access.redhat.com/errata/RHSA-2018:2693
reference_id	RHSA-2018:2693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2693

reference_url	https://access.redhat.com/errata/RHSA-2018:3403
reference_id	RHSA-2018:3403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3403

reference_url	https://access.redhat.com/errata/RHSA-2018:3458
reference_id	RHSA-2018:3458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3458

reference_url	https://usn.ubuntu.com/3761-1/
reference_id	USN-3761-1
reference_type
scores
url	https://usn.ubuntu.com/3761-1/

reference_url	https://usn.ubuntu.com/3793-1/
reference_id	USN-3793-1
reference_type
scores
url	https://usn.ubuntu.com/3793-1/

fixed_packages

url	pkg:deb/debian/firefox@62.0-1?distro=sid
purl	pkg:deb/debian/firefox@62.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2018-12376

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wj3c-xpra-vffj

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@62.0-1%3Fdistro=sid

Package Instance